2 matches found
CVE-2021-27952
Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console...
CVE-2021-27952
CVE-2021-27952 affects Ecobee3 Lite with firmware 4.5.81.200, where hardcoded default root credentials grant access to the password-protected bootloader environment via the serial console. Public references from NVD list a CVSS v3.1 base score of 9.8 (CRITICAL) with network access and no privileg...