PT-2025-4002 · Contec Health · Contec Health Cms8000 Patient Monitor

Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor version Description: The issue involves the transmission of plain-text patient data to a hard-coded public IP address when a patient is connected to the monitor. This could lead to a leakage of confidenti...

Xerox Workplace Suite 信任管理问题漏洞

Xerox Workplace Suite is a powerful print management software from Xerox. A trust management issue vulnerability exists in Xerox Workplace Suite version 5.6.701.9, which stems from the use of a flawed token generation implementation and hard-coded key implementation...

Sprecher Automation SPRECON-E Use of Hard-coded Credentials (CVE-2022-4333)

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines. This plugin only works with Tenable.ot. Please visit...

PT-2025-3988 · Epsimed +1 · Epsimed Mn-120 Patient Monitor +1

Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor affected versions not specified Epsimed MN-120 patient monitor affected versions not specified Description: The affected product sends out remote access requests to a hard-coded IP address, bypassing...

CVE-2024-45832

Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information...

CVE-2024-45832

CVE-2024-45832 involves Ossur Mobile Logic Application with hard-coded credentials embedded in the binary, enabling an attacker to access unauthorized information. Connected sources indicate vulnerable versions before 1.5.5 (CNNVD) and reiterate the issue across Red Hat and CVE feeds; exploitatio...

CVE-2024-45832 Ossur Mobile Logic Application Use of Hard-coded Credentials

Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information...

Ossur Mobile Logic Application 信任管理问题漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A trust management issue vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5, which stems from hard-coded credentials being included in the application binary, allowing an...

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I 安全漏洞

The Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I is an entry-level X-ray equipment electronic component from Smiths Detection, UK. A security vulnerability exists in the Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I that stems from the inclusion of hard-coded credentials used to access...

CVE-2024-50564

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...

CVE-2024-50564

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...

CVE-2023-37936

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests...

CVE-2023-37936

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests...

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exis...

Fortinet FortiSwitch 安全漏洞

Fortinet FortiSwitch is a network switch management tool from Fortinet, Inc. A security vulnerability exists in Fortinet FortiSwitch that stems from the use of hard-coded encryption keys that allow an attacker to execute unauthorized code or commands via a crafted request...

Howyar UEFI Reloader 安全漏洞

Howyar UEFI Reloader is a UEFI Unified Extensible Firmware Interface related utility software from Howyar, primarily used for firmware loading and management. A security vulnerability exists in Howyar UEFI Reloader that originates from the execution of unsigned software in a hard-coded path. The...

Eaton X303 安全漏洞

The Eaton X303 is a programmable logic controller from Eaton Corporation USA. A security vulnerability exists in the Eaton X303 version 3.5.16 through 3.5.17 Build 712, which stems from a hard-coded root password in the firmware, and allows an attacker with network access to the XC-303 PLC to log...

ABB Cylon Aspect 3.08.03 Hard-coded Secrets

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller contains multiple instances o...

CVE-2024-9138 Privilege Escalation in Cellular Router, Secure Router, and Network Security Appliances

Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an authenticated user to escalate privileges and gain root-level access to the system, posing a...