Vulnerability Details CVE-2008-5848
The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf
- http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW
- http://www.ruxcon.org.au/presentations.shtml#13
- http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf
- http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW
- http://www.ruxcon.org.au/presentations.shtml#13
Products affected by CVE-2008-5848
-
cpe:2.3:h:advantech:adam-6015:*
-
cpe:2.3:h:advantech:adam-6017:*
-
cpe:2.3:h:advantech:adam-6018:*
-
cpe:2.3:h:advantech:adam-6022:*
-
cpe:2.3:h:advantech:adam-6024:*
-
cpe:2.3:h:advantech:adam-6050:*
-
cpe:2.3:h:advantech:adam-6050w:*
-
cpe:2.3:h:advantech:adam-6051:*
-
cpe:2.3:h:advantech:adam-6051w:*
-
cpe:2.3:h:advantech:adam-6052:*
-
cpe:2.3:h:advantech:adam-6060:*
-
cpe:2.3:h:advantech:adam-6060w:*
-
cpe:2.3:h:advantech:adam-6066:*
-
cpe:2.3:h:advantech:adam-6501:*