CVE-2026-8605
Awaiting Analysis
Awaiting Analysis - Queue
Use of Hard-Coded Credentials in ScadaBR
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: ICS-CERT
Description
Description
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| scadabr | scadabr | 1.2.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to gain administrative access to the SCADA system without authorization.
- Unauthorized control over critical infrastructure managed by the SCADA system.
- Potential disruption of operations or manipulation of system data.
- Increased risk of further attacks due to elevated privileges.
Can you explain this vulnerability to me?
This vulnerability in ScadaBR version 1.2.0 involves the use of hard-coded credentials. This means that the software contains fixed login information embedded in its code, which an attacker could discover and use to gain unauthorized access.
Specifically, an attacker could use these hard-coded credentials to access the SCADA system with administrative privileges.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70