Description
Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_confirm
https://us-cert.cisa.gov/ics/advisories/icsa-20-189-01
Scores
CVSS v3
7.5
EPSS
0.0152
EPSS Percentile
71.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
CWE-256
Status
published
Products (1)
grundfos/cim_500
06.16.00
Published
Jul 27, 2020
Tracked Since
Feb 18, 2026