Lucene search
K

7574 matches found

Prion
Prion
added 2022/07/26 11:15 p.m.19 views

Hardcoded credentials

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...

7.5CVSS9.3AI score0.00835EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 11:15 p.m.23 views

Hardcoded credentials

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

7.5CVSS9.5AI score0.00519EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 10:15 p.m.18 views

CVE-2022-29960

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities...

5.5CVSS0.00425EPSS
Exploits0References3
NVD
NVD
added 2022/07/26 10:15 p.m.21 views

CVE-2022-29962

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials but may often be disabled in production. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

5.5CVSS0.00226EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 10:15 p.m.20 views

CVE-2022-29963

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

5.5CVSS0.00226EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 10:15 p.m.28 views

CVE-2022-29964

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350...

5.5CVSS0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.1 views

CVE-2022-29960

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities...

5.5CVSS6.1AI score0.00425EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.3 views

CVE-2022-29962

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials but may often be disabled in production. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

7.5CVSS6AI score0.01319EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.4 views

CVE-2022-29963

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

7.5CVSS6.1AI score0.01319EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.3 views

CVE-2022-29964

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350...

7.5CVSS6.1AI score0.01319EPSS
Exploits0References3
OSV
OSV
added 2022/07/26 10:15 p.m.5 views

CVE-2022-29962

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. FTP has hardcoded credentials but may often be disabled in production. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

5.5CVSS6AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2022/07/26 10:15 p.m.3 views

CVE-2022-29960

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities...

5.5CVSS5.8AI score0.00425EPSS
Exploits0References3
OSV
OSV
added 2022/07/26 10:15 p.m.4 views

CVE-2022-29963

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

5.5CVSS5.8AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2022/07/26 10:15 p.m.5 views

CVE-2022-29964

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. NOTE: this is different from CVE-2014-2350...

5.5CVSS5.8AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 10:15 p.m.19 views

CVE-2022-29953

The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...

9.8CVSS0.00811EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.2 views

CVE-2022-29953

The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...

9.8CVSS7.2AI score0.00811EPSS
Exploits0References3
OSV
OSV
added 2022/07/26 10:15 p.m.3 views

CVE-2022-29953

The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...

9.8CVSS5.8AI score0.00811EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 10:15 p.m.21 views

Hardcoded credentials

The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...

7.5CVSS9.3AI score0.00811EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2022/07/26 10:15 p.m.20 views

Hardcoded credentials

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities...

1.7CVSS5.7AI score0.00425EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/07/26 10:15 p.m.26 views

Hardcoded credentials

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. TELNET on port 18550 provides access to a root shell via hardcoded credentials. This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350...

1.7CVSS5.4AI score0.01319EPSS
Exploits0References2Affected Software24
Rows per page
Query Builder