CVE-2017-20214
Published: 08 January 2026
Summary
CVE-2017-20214 is a critical-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Zeroscience (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique SSH (T1021.004); ranked at the 19.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2017-20214 is a vulnerability in FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64, where hard-coded SSH credentials are embedded and cannot be changed through normal camera operations. This issue, published on 2026-01-08, falls under CWE-798 (Use of Hard-coded Credentials) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high confidentiality impact from network-based access.
Remote attackers with network access to the affected camera can exploit these persistent credentials without requiring privileges, user interaction, or high complexity. Successful exploitation grants unauthorized remote SSH access to the thermal camera system, enabling potential data extraction or further compromise.
Advisories and related resources, including the archived FLIR security blog at https://web.archive.org/web/20171011125811/https://www.flir.com/security/blog/details/?ID=87043, exploit details at https://www.exploit-db.com/exploits/42787/, and reports from https://cxsecurity.com/issue/WLB-2017090205, https://packetstormsecurity.com/files/144324, and https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5436.php, provide further details on the issue and potential mitigations.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1609
Vulnerability details
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be changed through normal camera operations. Attackers can leverage these persistent, unmodifiable credentials to gain unauthorized remote access to the thermal camera system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Hard-coded SSH credentials directly enable remote authentication and access via SSH (T1021.004) using valid accounts (T1078) with no additional credential acquisition required.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
IA-5 requires secure management of authenticators including changing default content and protecting from unauthorized disclosure, directly preventing use of hard-coded SSH credentials.
SI-2 mandates identification, reporting, and timely remediation of system flaws such as hard-coded credentials via firmware updates.
AC-17 authorizes, configures, and monitors remote access mechanisms like SSH, limiting exploitation opportunities from hard-coded credentials.