Multiple Lenze products of the cabinet series skip the password verification upon second login. After a user has been logged on to the device once, a remote attacker can get full access without knowledge of the password.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLenze C520
HWLenzewszystkie wersjeLenze C520 Firmware
OSLenze1.07.00.2757 – 01.08.01.3021 (bez)Lenze C550
HWLenzewszystkie wersjeLenze C550 Firmware
OSLenze1.07.00.2757 – 01.08.01.3021 (bez)Lenze C750
HWLenzewszystkie wersjeLenze C750 Firmware
OSLenze1.07.00.2757 – 01.08.01.3021 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass