Security researchers at Keyfactor analyzed millions of RSA keys and certificates generated on low entropy lightweight IoT devices. More than 435,000 of them shared their prime factors making it easy to derive their private key and compromise them. If an attacker discovers the two prime factors used to derive the RSA keys, the private key can be re-derived, allowing the attacker to impersonate the remote data transmission source, as well as decrypt stored data that relies on the key’s confidentiality. Compromised RSA keys expose a wide range of devices to compromise risks since they are currently used in traffic encryption within critical environments.
Source: https://www.bleepingcomputer.com/news/security/over-435k-security-certs-can-be-compromised-with-less-than-3-000/