CVE-2018-7229
Severity
9.8CRITICAL
EPSS
0.5%
top 33.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 9
Latest updateMay 13
Description
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9