Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console.
CPE | Name | Operator | Version |
---|---|---|---|
ecobee3_lite_firmware | eq | 4.5.81.200 |