Описание
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
Уязвимость компонента WebHMI SCADA-системы EcoStruxure Power Automation System User Interface (EcoSUI) и системы оптимизации распределенных энергетических ресурсов EcoStruxure Microgrid Operation Large (EMO-L), позволяющая нарушителю получить несанкционированный доступ к устройству
EPSS
9.8 Critical
CVSS3