CVE-2026-35075

Summary

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

Affected Software

VendorProductVersion RangeStatus
MBSSingle-AV1_00_00 < V6_00_07affected
MBSDouble-A ProfibusV1_00_00 < V6_00_07affected
MBSDouble-A x-linkV1_00_00 < V6_00_07affected
MBSSingle-XV1_00_00 < V6_00_07affected
MBSDouble-X CANV1_00_00 < V6_00_07affected
MBSDouble-X DALIV1_00_00 < V6_00_07affected
MBSDouble-X KNXV1_00_00 < V6_00_07affected
MBSDouble-X LONV1_00_00 < V6_00_07affected
MBSDouble-X M-BusV1_00_00 < V6_00_07affected
MBSDouble-X PROFINETV1_00_00 < V6_00_07affected
MBSDouble-X x-linkV1_00_00 < V6_00_07affected
MBSTriple-X KNX+DALIV1_00_00 < V6_00_07affected
MBSTriple-X KNX+LONV1_00_00 < V6_00_07affected
MBSTriple-X KNX+M-BusV1_00_00 < V6_00_07affected
MBSTriple-X PROFINET+DALIV1_00_00 < V6_00_07affected
MBSTriple-X PROFINET+KNXV1_00_00 < V6_00_07affected
MBSTriple-X PROFINET+LONV1_00_00 < V6_00_07affected
MBSTriple-X PROFINET+M-BusV1_00_00 < V6_00_07affected

Weaknesses

  • CWE-1393: CWE-1393 Use of Default Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References