CVE Vulnerability

CVE-2008-5848

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.ruxcon.org.au/presentations.shtml#13
http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf
http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW
Configurations

Configuration 1

cpe:2.3:h:advantech:adam-6015:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6022:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6050w:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6060:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6050:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6051:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6024:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6060w:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6018:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6501:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6017:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6051w:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6066:*:*:*:*:*:*:*:*
cpe:2.3:h:advantech:adam-6052:*:*:*:*:*:*:*:*
Information

Published : 2009-01-06 05:30

Updated : 2009-05-20 04:00

NVD link : CVE-2008-5848

Mitre link : CVE-2008-5848

Products Affected
No products.
CWE
CWE-255

NVD-CWE-noinfo