Hardcoded Password Vulnerability in SMA Solar Sunny WebBox
CVE-2015-3964

Currently unrated

Key Information:

Vendor: Sma Solar Technology Ag
Status: Webbox Firmware
Vendor: CVE Published:; 11 September 2015

🔔 Create Sma Solar Technology Ag Vulnerability Alert

What is CVE-2015-3964?

The SMA Solar Sunny WebBox contains hardcoded passwords, creating a significant security risk. This design flaw allows attackers to exploit these passwords to gain unauthorized access to the device, potentially compromising sensitive information and affecting operational integrity. Given the reliance on secure access control in industrial environments, this vulnerability highlights the need for improved security measures to prevent unauthorized remote access.

References

http://seclists.org/fulldisclosure/2015/Sep/51

mailing-listx_refsource_FULLDISC

https://ics-cert.us-cert.gov/advisories/ICSA-15-181-02

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2015
Vulnerability Reserved
May 12, 2015