Skip to main content

Eppendorf BioFlo 320 CVE-2026-7251

| EUVDEUVD-2026-31912 CRITICAL
Use of Hard-coded Password (CWE-259)
2026-05-26 icscert GHSA-v6xg-wr2p-xrj3
9.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 08, 2026 - 08:38 vuln.today
CVSS changed
May 26, 2026 - 18:22 NVD
9.8 (CRITICAL) 9.3 (CRITICAL)

DescriptionCVE.org

Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted.

AnalysisAI

Hard-coded VNC password in the Eppendorf BioFlo 320 bioprocess control system allows any remote attacker who can reach the device on the network to take full control of its user interface without authentication. The flaw (CWE-259) is rated CVSS 9.3 and carries an SSVC technical impact of 'total' with automatable exploitation, though no public exploit has been identified at time of analysis and EPSS is low at 0.10%.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain access to lab/OT network
Delivery
Scan for BioFlo 320 VNC service
Exploit
Authenticate with hard-coded VNC password
Execution
Take full control of HMI
Impact
Manipulate bioreactor setpoints or halt process

Vulnerability AssessmentAI

Exploitation Exploitation requires network reachability to the BioFlo 320's VNC service (typically TCP/5900) and that the device's remote access feature is enabled - the description explicitly states 'remote access enabled' as a precondition, so units deployed without VNC remote access are not exposed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N with high confidentiality, integrity, and availability impact reflects a worst-case profile for the device itself: network-reachable, no privileges, no user interaction, and full control of the HMI once connected. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has reached the lab/OT network - for example through a phished engineering workstation or a misconfigured VPN - scans for TCP/5900 (VNC), identifies a BioFlo 320, and authenticates with the known hard-coded password recovered from firmware or vendor documentation. With full HMI control they could alter setpoints (temperature, pH, agitation, gas flow) on an active bioreactor run, halt processes, or silently capture sensitive bioprocess parameters; no public exploit is identified at time of analysis, but the attack is trivially scriptable per the SSVC 'Automatable: yes' determination.
Remediation No vendor-released patched version is identified in the available data; the references point to Eppendorf's general software downloads page (https://www.eppendorf.com/software-downloads) and the CISA ICS-MA advisory (https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-146-01), so operators should consult those for any firmware update or vendor-recommended mitigation specific to their unit. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Identify all Eppendorf BioFlo 320 systems in your environment; restrict network access to essential connections only; disable remote VNC access where operationally feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-7251 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy