CVE-2026-8605
Analyzed Analyzed - Analysis Complete
Use of Hard-Coded Credentials in ScadaBR

Publication date: 2026-05-19

Last updated on: 2026-05-21

Assigner: ICS-CERT

Description
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-19
Last Modified
2026-05-21
Generated
2026-06-10
AI Q&A
2026-05-19
EPSS Evaluated
2026-06-08
NVD
CVE-2026-8605
EUVD
EUVD-2026-30963
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
scadabr scadabr 1.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in ScadaBR version 1.2.0 involves the use of hard-coded credentials. This means that the software contains fixed login information embedded in its code, which an attacker could discover and use to gain unauthorized access.

Specifically, an attacker could use these hard-coded credentials to access the SCADA system with administrative privileges.

Impact Analysis

If exploited, this vulnerability could allow an attacker to gain administrative access to the SCADA system without authorization.

  • Unauthorized control over critical infrastructure managed by the SCADA system.
  • Potential disruption of operations or manipulation of system data.
  • Increased risk of further attacks due to elevated privileges.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8605. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart