3 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-06 https://www.forescout.com/blog • CWE-798: Use of Hard-coded Credentials •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network. ControlEdge PLC (versiones R130.2, R140, R150 y R151) y RTU (versiones R101, R110, R140, R150 y R151), exponen un token de sesión en la red • https://www.us-cert.gov/ics/advisories/icsa-20-175-02 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network. ControlEdge PLC (versiones R130.2, R140, R150 y R151) y RTU (versiones R101, R110, R140, R150 y R151), exponen contraseñas sin cifrar en la red • https://www.us-cert.gov/ics/advisories/icsa-20-175-02 • CWE-319: Cleartext Transmission of Sensitive Information •