CVE-2026-8072

🗓️ 12 May 2026 09:57:02Reported by INCIBEType

Ingecon Sun EMS Board local support access uses weak hashing for credentials, enabling privilege escalation.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-8072	12 May 202609:57	–	attackerkb
Circl	CVE-2026-8072	12 May 202610:30	–	circl
CNNVD	Ingeteam Ingecon Sun EMS Board 加密问题漏洞	12 May 202600:00	–	cnnvd
Cvelist	CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board	12 May 202609:57	–	cvelist
EUVD	EUVD-2026-29445	12 May 202612:32	–	euvd
NVD	CVE-2026-8072	12 May 202610:16	–	nvd
Positive Technologies	PT-2026-40003	12 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-8072	5 Jun 202619:11	–	redhatcve
Vulnrichment	CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board	12 May 202609:57	–	vulnrichment

Vulners

CNA

Node

ingeteam ingecon_sun_ems_boardRange≤AAX1055CT

ingeteam ingecon_sun_ems_boardRange≤ABU1001_P

ingeteam ingecon_sun_ems_boardRange≤ACL1201_B

ingeteam ingecon_sun_ems_boardRange≤ACL1200AL

ingeteam ingecon_sun_ems_boardRange≤ABH1027_K

ingeteam ingecon_sun_ems_boardRange≤ABH1007_Z

ingeteam ingecon_sun_ems_boardRange≤ABS1009_L

ingeteam ingecon_sun_ems_boardRange≤ABS1005_T

ingeteam ingecon_sun_ems_boardRange≤ACB1005_A

ingeteam ingecon_sun_ems_boardRange≤AAX1031CN

[
  {
    "vendor": "Ingeteam",
    "product": "Ingecon Sun EMS Board",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "AAX1055CT",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ABU1001_P",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ACL1201_B",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ACL1200AL",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ABH1027_K",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ABH1007_Z",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ABS1009_L",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ABS1005_T",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "ACB1005_A",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "AAX1031CN",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "AAX1055CU"
      },
      {
        "status": "unaffected",
        "version": "ABU1001_Q"
      },
      {
        "status": "unaffected",
        "version": "ACL1201_C"
      },
      {
        "status": "unaffected",
        "version": "ACL1200AM"
      },
      {
        "status": "unaffected",
        "version": "ABH1027_L"
      },
      {
        "status": "unaffected",
        "version": "ABH1007AA"
      },
      {
        "status": "unaffected",
        "version": "ABS1009_P"
      },
      {
        "status": "unaffected",
        "version": "ABS1005_U"
      },
      {
        "status": "unaffected",
        "version": "ACB1005_C"
      },
      {
        "status": "unaffected",
        "version": "AAX1031CO"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
reversemode	www.reversemode.com/2026/05/a-practical-analysis-of-cyber-physical.html
incibe	www.incibe.es/en/incibe-cert/notices/aviso-sci/insecure-generation-sat-access-credentials-ingecon-ems-board

13 May 2026 15:36Current

5.8Medium risk

Vulners AI Score5.8

CVSS 49.2

EPSS0.00023

SSVC

CWE-327