Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass to the MQTT configuration Web Interface
Vulnerability Description
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
ABB RMC-100 安全漏洞
Vulnerability Description
ABB RMC-100是瑞士ABB公司的一个远程模块化控制器。能够管理自动化、液体和气体测量,大型生产和传输设施的资产数据集中。 ABB RMC-100存在安全漏洞,该漏洞源于使用硬编码加密密钥,可能导致绕过认证。以下版本受到影响:ABB RMC-100 2105457-045及之前版本和ABB RMC-100 LITE 2106229-016及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A