EMC DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface.
Threat-Mapped Scoring
Score: 3.0
Priority: P2 - Serious (High)
- S1 – Steal Customer Account Information
EPSS
Score: 0.02278
Percentile: 0.83973
CVSS Scoring
CVSS v3.1 Score: 9.8
Severity: CRITICAL
Mapped CWE(s)
- CWE-798: Use of Hard-coded Credentials
All CAPEC(s)
- CAPEC-191: Read Sensitive Constants Within an Executable
- CAPEC-70: Try Common or Default Usernames and Passwords
CAPEC(s) with Mapped TTPs
- CAPEC-191: Read Sensitive Constants Within an Executable
  Mapped TTPs:
- CAPEC-70: Try Common or Default Usernames and Passwords
  Mapped TTPs:
Mapped ATT&CK TTPs
- T1552.001: Credentials In Files
  Kill Chain: credential-access
- T1078.001: Default Accounts
  Kill Chain: defense-evasion
Malware
APTs Threat Group Associations
Campaigns
- Leviathan Australian Intrusions
- HomeLand Justice
Affected Products
- cpe:2.3:a:emc:diskxtender:6.20.060:*:*:*:*:*:*:*