Total
965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15802 | 1 Zyxel | 18 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 15 more | 2019-11-22 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware. | |||||
| CVE-2019-13543 | 1 Medtronic | 5 Valleylab Exchange Client, Valleylab Ft10 Energy Platform, Valleylab Ft10 Energy Platform Firmware and 2 more | 2019-11-13 | 5.0 MEDIUM | 7.5 HIGH |
| Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device. | |||||
| CVE-2019-16207 | 1 Broadcom | 1 Brocade Sannav | 2019-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. | |||||
| CVE-2015-7276 | 1 Technicolor | 4 C2000t, C2000t Firmware, C2100t and 1 more | 2019-11-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| Technicolor C2000T and C2100T uses hard-coded cryptographic keys. | |||||
| CVE-2018-18929 | 1 Trms | 2 Seneca Hdn, Seneca Hdn Firmware | 2019-11-05 | 4.0 MEDIUM | 8.8 HIGH |
| The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username and password. This can be found by a limited user account in an "unattend.xml" file left over on the C: drive from the Sysprep process. An attacker with this username and password can leverage it to gain administrator-level access on the system. | |||||
| CVE-2019-14926 | 2 Inea, Mitsubishielectric | 4 Me-rtu, Me-rtu Firmware, Smartrtu and 1 more | 2019-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard-coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware updates. In other words, these devices use private-key values in /etc/ssh/ssh_host_rsa_key, /etc/ssh/ssh_host_ecdsa_key, and /etc/ssh/ssh_host_dsa_key files that are publicly available from the vendor web sites. | |||||
| CVE-2019-14930 | 2 Inea, Mitsubishielectric | 4 Me-rtu, Me-rtu Firmware, Smartrtu and 1 more | 2019-10-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. (Also, the accounts ineaadmin and mitsadmin are able to escalate privileges to root without supplying a password due to insecure entries in /etc/sudoers on the RTU.) | |||||
| CVE-2016-2358 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2019-10-29 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts. | |||||
| CVE-2016-2357 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2019-10-29 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. | |||||
| CVE-2016-2360 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2019-10-29 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations. | |||||
| CVE-2019-13657 | 1 Broadcom | 2 Ca Performance Management, Network Operations | 2019-10-24 | 6.5 MEDIUM | 8.8 HIGH |
| CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | |||||
| CVE-2019-7225 | 1 Abb | 32 Cp620, Cp620-web, Cp620-web Firmware and 29 more | 2019-10-09 | 5.8 MEDIUM | 8.8 HIGH |
| The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components. | |||||
| CVE-2019-1919 | 1 Cisco | 2 Findit Network Manager, Findit Network Probe | 2019-10-09 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account with static credentials in the underlying Linux operating system. An attacker could exploit this vulnerability by logging in to the command line of the affected VM with the static account. A successful exploit could allow the attacker to log in with root-level privileges. This vulnerability affects only Cisco FindIT Network Manager and Cisco FindIT Network Probe Release 1.1.4 if these products are using Cisco-supplied VM images. No other releases or deployment models are known to be vulnerable. | |||||
| CVE-2019-1675 | 1 Cisco | 2 Aironet Active Sensor, Digital Network Architecture Center | 2019-10-09 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account. Versions prior to DNAC1.2.8 are affected. | |||||
| CVE-2019-1688 | 1 Cisco | 1 Network Assurance Engine | 2019-10-09 | 5.6 MEDIUM | 7.1 HIGH |
| A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server. The vulnerability is due to a fault in the password management system of NAE. An attacker could exploit this vulnerability by authenticating with the default administrator password via the CLI of an affected server. A successful exploit could allow the attacker to view potentially sensitive information or bring the server down, causing a DoS condition. This vulnerability affects Cisco Network Assurance Engine (NAE) Release 3.0(1). The default password condition only affects new installations of Release 3.0(1). | |||||
| CVE-2019-13530 | 1 Philips | 19 865240, 865241, 865242 and 16 more | 2019-10-09 | 6.5 MEDIUM | 7.2 HIGH |
| Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). An attacker can use these credentials to login via ftp and upload a malicious firmware. | |||||
| CVE-2019-11898 | 1 Bosch | 1 Access | 2019-10-09 | 6.5 MEDIUM | 9.9 CRITICAL |
| Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8. | |||||
| CVE-2019-12327 | 1 Akuvox | 2 Sp-r50p, Sp-r50p Firmware | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed. | |||||
| CVE-2019-0020 | 1 Juniper | 3 Advanced Threat Prevention, Atp400, Atp700 | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3. | |||||
| CVE-2019-0022 | 1 Juniper | 3 Advanced Threat Prevention, Atp400, Atp700 | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3. | |||||