Insecure Credential Generation in Ingecon Sun EMS Board by Ingeteam
CVE-2026-8072

9.2CRITICAL

Key Information:

Vendor: Ingeteam
Status: Ingecon Sun Ems Board
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-8072?

The Ingecon Sun EMS Board features a vulnerability in its Technical Support access functionality, where secret access credentials are generated using a weak hashing algorithm. This insecure method can potentially allow unauthorized users to escalate their privileges, posing significant cybersecurity risks. It is essential for users and organizations to be aware of this vulnerability and apply relevant patches to secure their devices against potential exploitation.

Affected Version(s)

Ingecon Sun EMS Board 0

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/in...

patch

https://www.reversemode.com/2026/05/a-practical-analysis-...

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
May 7, 2026

Credit

Rubén Santamarta

CVE-2026-8072 Data

JSON