Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5848

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5848
Last Modified 20 May 2009 12:00:00
Published 06 Jan 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5848

Summary

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.

Vulnerable Systems


References

MISC - http://www.ruxcon.org.au/presentations.shtml#13

CONFIRM - http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW

MISC - http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf


Last Updated: 27 May 2016 10:48:57