CVE-2026-44611
Analyzed Analyzed - Analysis Complete
Weak Password Hashing in Danelec MacGregor Voyage Data Recorder

Publication date: 2026-05-29

Last updated on: 2026-06-04

Assigner: ICS-CERT

Description
Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-06-04
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2026-44611
EUVD
EUVD-2026-33398
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
macgregor interschalt_vdr_g4e_firmware to 5.250 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-916 The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves the Danelec MacGregor Voyage Data Recorder storing passwords using a hashing method that limits the password length and is vulnerable to brute force attacks.

Impact Analysis

Because the password hashing method is weak and limits password length, attackers could potentially use brute force techniques to guess passwords, leading to unauthorized access to the Voyage Data Recorder.

Compliance Impact

The vulnerability involves passwords stored with a hashing method that limits password length and is susceptible to brute force attacks. This weakness could potentially lead to unauthorized access to sensitive data recorded by the Danelec MacGregor Voyage Data Recorder.

Such unauthorized access risks compromising confidentiality and integrity of data, which may impact compliance with data protection regulations like GDPR and HIPAA that require adequate protection of personal and sensitive information.

However, the provided information does not explicitly state the direct effects on compliance with these standards or any regulatory consequences.

Mitigation Strategies

The vulnerability involves weak password hashing susceptible to brute force attacks on Danelec MacGregor Voyage Data Recorder devices.

Although no specific mitigation steps are detailed in the provided context, general best practices include limiting access to affected devices, monitoring for unauthorized access attempts, and applying any available firmware updates from the vendor.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44611. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart