{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-01-06T17:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.ruxcon.org.au/presentations.shtml#13"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW"}, {"tags": ["x_refsource_MISC"], "url": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5848", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.ruxcon.org.au/presentations.shtml#13", "refsource": "MISC", "url": "http://www.ruxcon.org.au/presentations.shtml#13"}, {"name": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW", "refsource": "CONFIRM", "url": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW"}, {"name": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf", "refsource": "MISC", "url": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:04:44.726Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ruxcon.org.au/presentations.shtml#13"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5848", "datePublished": "2009-01-06T17:00:00Z", "dateReserved": "2009-01-06T00:00:00Z", "dateUpdated": "2024-09-16T23:21:42.327Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:advantech:adam-6015:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA03C4FC-451D-4D80-91A9-94B62F11CF3E", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6017:*:*:*:*:*:*:*:*", "matchCriteriaId": "23F14125-2C82-46B6-AA42-D17DAA9389F9", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6018:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCA43127-85F4-46F4-A67F-54B66BFB0D51", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6022:*:*:*:*:*:*:*:*", "matchCriteriaId": "35514F6C-F34A-420B-B08B-58388E4E772F", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6024:*:*:*:*:*:*:*:*", "matchCriteriaId": "A84898FB-2906-4798-BF9D-EE4DADD6B7D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6050:*:*:*:*:*:*:*:*", "matchCriteriaId": "51F66CE0-053B-4502-BE47-046F38D2E1EF", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6050w:*:*:*:*:*:*:*:*", "matchCriteriaId": "066BDEE7-CD3B-482F-82A6-063F48EAEC02", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6051:*:*:*:*:*:*:*:*", "matchCriteriaId": "44CC898E-8BA4-401E-B95E-B22B4BD28658", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6051w:*:*:*:*:*:*:*:*", "matchCriteriaId": "E89BA4B7-C9A2-46F4-8B12-B72CF8767890", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6052:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F7CABA8-747E-454C-8100-39682281BD1A", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6060:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C011882-D383-46CA-8E20-D008D039AB81", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6060w:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C886F75-1B65-4695-9493-E3B1A647222A", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6066:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDE2AE5D-58E7-43D7-8E70-86ACDAD9A3E2", "vulnerable": true}, {"criteria": "cpe:2.3:h:advantech:adam-6501:*:*:*:*:*:*:*:*", "matchCriteriaId": "590DF4B1-9F0F-42A7-9579-602A27CB0B0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity."}, {"lang": "es", "value": "El m\u00f3dulo Advantech ADAM-6000 tiene 00000000 como su contrase\u00f1a por defecto, lo que hace m\u00e1s f\u00e1cil a atacantes remotos obtener acceso a trav\u00e9s de una sesi\u00f3n HTTP, y (1) monitorizar o (2) controlar la actividad I/O del m\u00f3dulo Modbus/TCP."}], "id": "CVE-2008-5848", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-01-06T17:30:00.267", "references": [{"source": "cve@mitre.org", "tags": ["URL Repurposed"], "url": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf"}, {"source": "cve@mitre.org", "url": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW"}, {"source": "cve@mitre.org", "tags": ["URL Repurposed"], "url": "http://www.ruxcon.org.au/presentations.shtml#13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["URL Repurposed"], "url": "http://ruxcon.org.au/files/2008/SIFT-Ruxcon2008-SCADA-Hacking-Modbus-Enabled-Devices.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-95WMW"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["URL Repurposed"], "url": "http://www.ruxcon.org.au/presentations.shtml#13"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}