Vulnerabilities > CVE-2021-37292 - Unspecified vulnerability in Kevinlab 4ST L-Bems 1.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |