5 matches found
CVE-2025-50122
A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts...
CVE-2025-50122
A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts...
CVE-2025-50122
creationtimestamp| type| source ---|---|--- 2025-07-10 01:48:46+00:00| seen| https://bsky.app/profile/jimbecher.bsky.social/post/3ltl7mhepzk2i 2025-07-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-06...
📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Root Password Discovery
Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below use logic contained within a JAR file and the MAC address to compute a "random" password for the root account. With access to the JAR file and knowledge of the MAC address, it is possible to determine the root password...
Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-6311: Insufficient Entropy CVE ID: CVE-2025-50122 2. Vulnerability Description The Data Center Expert "DCE"...