CVE-2026-8072

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,2

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.

327

Use of a Broken or Risky Cryptographic Algorithm

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Accountability Non-Repudiation

Potential Impacts:

Read Application Data Modify Application Data Hide Activities

Applicable Platforms

Languages: Not Language-Specific, Verilog, VHDL

Technologies: ICS/OT, Not Technology-Specific

Likelihood of Exploit: High

View CWE Details

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/inse…

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/insecure-generation-sat-…

https://www.reversemode.com/2026/05/a-practical-analysis-of…

https://www.reversemode.com/2026/05/a-practical-analysis-of-cyber-physical.html

CVE-2026-8072

Description

Use of a Broken or Risky Cryptographic Algorithm

Common Consequences

Applicable Platforms

Iscriviti alla newsletter