ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·11/3/2021
CVE-2020-8657 added to CISA KEV: EyesOfNetwork EyesOfNetwork
Status: ✅ Confirmed exploited in the wild
Date added: 2021-11-03
Required action: Apply updates per vendor instructions.
Due date: 2022-05-03
Why this matters
EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.