Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-29 | CVE-2020-12012 | Use of Hard-coded Credentials vulnerability in Baxter Em1200 Firmware and Em2400 Firmware Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials for the ExactaMix application. | 6.1 |
| 2020-06-24 | CVE-2020-10276 | Use of Hard-coded Credentials vulnerability in multiple products The password for the safety PLC is the default and thus easy to find (in manuals, etc.). | 9.8 |
| 2020-06-24 | CVE-2020-10270 | Use of Hard-coded Credentials vulnerability in multiple products Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. network low complexity aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots CWE-798 critical | 9.8 |
| 2020-06-24 | CVE-2020-10269 | Use of Hard-coded Credentials vulnerability in multiple products One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. network low complexity aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots CWE-798 critical | 9.8 |
| 2020-06-16 | CVE-2020-9289 | Use of Hard-coded Credentials vulnerability in Fortinet Fortimanager Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key. | 7.5 |
| 2020-06-16 | CVE-2020-7501 | Use of Hard-coded Credentials vulnerability in Schneider-Electric Vijeo Designer A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer. | 8.8 |
| 2020-06-16 | CVE-2020-7498 | Use of Hard-coded Credentials vulnerability in Schneider-Electric OS Loader and Unity Loader A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software (all versions). | 9.8 |
| 2020-06-15 | CVE-2020-4216 | Use of Hard-coded Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2020-06-12 | CVE-2020-3928 | Use of Hard-coded Credentials vulnerability in Usavisionsys products GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices. | 9.8 |
| 2020-06-09 | CVE-2020-6265 | Use of Hard-coded Credentials vulnerability in SAP Commerce and Commerce Data HUB SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials. | 9.8 |