Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests for password storage files.
grundfos
CVE-2020-10609
Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.