Skip to main content

Ingecon Sun Ems Board

1 CVEs product

Monthly

CVE-2026-8072 CRITICAL PATCH Act Now

Weak credential generation in Ingeteam's Ingecon Sun EMS Board Technical Support access mechanism allows remote privilege escalation via cryptographic weakness. The SAT (Technical Support) access feature generates credentials using a weak hashing algorithm instead of cryptographically secure methods, enabling attackers to predict or derive privileged access credentials. CVSS 9.2 reflects network-accessible attack with high complexity but no authentication required. INCIBE coordinated disclosure confirms vendor patch availability, and a practical analysis of the vulnerability has been published by ReverseMode, indicating detailed technical understanding exists in the research community.

Privilege Escalation Ingecon Sun Ems Board
NVD
CVSS 4.0
9.2
EPSS
0.0%
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

Weak credential generation in Ingeteam's Ingecon Sun EMS Board Technical Support access mechanism allows remote privilege escalation via cryptographic weakness. The SAT (Technical Support) access feature generates credentials using a weak hashing algorithm instead of cryptographically secure methods, enabling attackers to predict or derive privileged access credentials. CVSS 9.2 reflects network-accessible attack with high complexity but no authentication required. INCIBE coordinated disclosure confirms vendor patch availability, and a practical analysis of the vulnerability has been published by ReverseMode, indicating detailed technical understanding exists in the research community.

Privilege Escalation Ingecon Sun Ems Board
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy