Hardcoded credentials

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" All versions V15.1 Update 1, SIMATIC HMI Comfort Outdoor Panels 7" & 15" All versions V15.1 Update 1, SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F All versions V15.1 Update 1, SIMATIC WinCC...

Hardcoded credentials

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...

PT-2019-2337 · Bmx · Bmxnor0200H

Name of the Vulnerable Software and Affected Versions: BMX-NOR-0200H versions prior to V1.7 IR 19 Description: A use of hardcoded credentials issue exists, which could cause a confidentiality issue when using the FTP protocol. This allows a remote attacker to gain access to the FTP service...

CVE-2019-6548

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...

CVE-2019-6548

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...

Hardcoded credentials

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...

CVE-2019-6548

GE Communicator is affected by CVE-2019-6548: all versions before 4.0.517 contain two backdoor accounts with hardcoded credentials that could allow control over the database. Impact is stated as high (C/H/I/H/A/H) with potential remote exploitation per public advisories. The remediation is to upg...

CVE-2019-6548

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...

PT-2019-18160 · Ge · Ge Communicator

Name of the Vulnerable Software and Affected Versions: GE Communicator versions prior to 4.0.517 Description: The issue concerns the presence of two backdoor accounts with hardcoded credentials in the software, potentially allowing control over the database. However, if the default Windows firewa...

Schneider Electric Modicon Multiple Controllers Hardcoded Credentials

Binary data 720149.prm...

Schneider Electric PowerLogic PM8ECC < 2.651 Hardcoded Credentials

Binary data 720085.prm...

Emerson Multiple RTUs Hardcoded Credentials Storage

Binary data 720176.prm...

Yokogawa STARDOM Controllers <= R4.10 Hardcoded Credentials

Binary data 720137.prm...

Schneider Electric ETG3000 FactoryCast HMI Gateway <= 1.60 IR 04 Hardcoded Credentials

Binary data 720157.prm...

GE Multilink Switches < 5.5.0 Hardcoded Credentials

Binary data 720079.prm...

Yokogawa STARDOM Controllers < R4.02 Hardcoded Credentials

Binary data 720135.prm...

Hardcoded credentials

A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...

CVE-2017-18373

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a...

Hardcoded credentials

The Upgrade-Insecure-Requests UIR specification states that if UIR is enabled through Content Security Policy CSP, navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some...

Hardcoded credentials

SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users’ emails and file attachments. It was also possible to interact with mailing lists...