CVE-2018-7518
CRITICALBeaconMedaes Scroll Medical Air Systems Firmware < 4107600010.23 - Insufficiently Protected Credentials
Title source: llmDescription
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01
Scores
CVSS v3
9.8
EPSS
0.0130
EPSS Percentile
66.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-522
Status
published
Products (1)
beaconmedaes/scroll_medical_air_systems_firmware
< 4107600010.23
Published
May 24, 2018
Tracked Since
Feb 18, 2026