CVE-2026-31928
Received Received - Intake
Default Admin Credentials in DMP-5000 Devices

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: ICS-CERT

Description
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-27
AI Q&A
2026-06-27
EPSS Evaluated
N/A
NVD
CVE-2026-31928
EUVD
EUVD-2026-39925
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability involves DMP-5000 devices that come with a default administrative web account which has weak authentication controls.

These default credentials are not required to be changed during initial setup or operation, allowing anyone who knows or discovers these credentials to gain full system access.

Impact Analysis

Because the default administrative account has weak authentication and is not required to be changed, an attacker can use it to gain full access to the system.

This full system access can lead to unauthorized control, potential data breaches, disruption of device operation, and compromise of the overall security of the affected environment.

Mitigation Strategies

The DMP-5000 devices are shipped with a default administrative web account that has weak authentication controls and is not required to be changed during initial configuration or operation.

To mitigate this vulnerability, immediate steps should include changing the default administrative web account credentials to strong, unique passwords to prevent unauthorized full system access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31928. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart