Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system.
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information.
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.
| CVE ID ⇅ | Severity ↓ | Description | |
|---|---|---|---|
| CVE-2024-55025 | MEDIUM | Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 a… | › |
| CVE-2024-55023 | MEDIUM | Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption k… | › |
| CVE-2023-32657 | MEDIUM | Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack… | › |