Описание
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
EPSS
9.2 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
Связанные уязвимости
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
Уязвимость компонента WebHMI SCADA-системы EcoStruxure Power Automation System User Interface (EcoSUI) и системы оптимизации распределенных энергетических ресурсов EcoStruxure Microgrid Operation Large (EMO-L), позволяющая нарушителю получить несанкционированный доступ к устройству
EPSS
9.2 Critical
CVSS4
9.8 Critical
CVSS3