CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
64.5%
EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls, SyxthSENSE, Transformative Wave Technologies, Tridium Asia Pacific, and Tridium Europe products, have a hardcoded password, which makes it easier for remote attackers to obtain access via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
easyio | easyio-30p-sf_firmware | * | cpe:2.3:o:easyio:easyio-30p-sf_firmware:*:*:*:*:*:*:*:* |
easyio | easyio-30p-sf | * | cpe:2.3:h:easyio:easyio-30p-sf:*:*:*:*:*:*:*:* |