2 matches found
CVE-2018-15807
POSIM EVO 15.13 for Windows contains an "Emergency Override" administrative account accessible via POSIM’s override feature. The Override prompt expects a code computed locally by a deterministic algorithm. An attacker could generate this code to bypass any POSIM EVO login prompt, enabling bypass...
CVE-2018-15808
POSIM EVO 15.13 for Windows stores hardcoded credentials for the root database user. This could give an attacker with network access to the POSIM EVO database the ability to access/modify data and potentially remotely execute code on POSIM EVO clients. Multiple sources document hardcoded credenti...