CVE-2026-45433
Severity CVSS v4.0:
HIGH
Type:
CWE-321
Use of Hard-coded Cryptographic Key
Publication date:
04/06/2026
Last modified:
04/06/2026
Description
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and Man-in-the-Middle (MITM) attacks on the targeted device.
Impact
Base Score 4.0
8.70
Severity 4.0
HIGH



