AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-30234: SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32

highvulnerability

security

Source: NVD/CVE DatabaseMarch 19, 2025CVE-2025-30234

Summary

SmartOS, a hypervisor (virtualization software that manages virtual machines) used in Triton Data Center and other products, contains static host SSH keys (unchanging cryptographic credentials for remote access) in a specific Debian 12 LX zone image from July 2024. This means multiple systems could potentially share the same SSH keys, allowing unauthorized remote access if someone obtains these keys.

Vulnerability Details

CVSS Score

8.3(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationTrivial

Impact (CIA+S)

confidentialityintegrity

AI Component TargetedInference

Taxonomy References

CWE (Weakness Type)

CWE-321

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-30234

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 72%