CVE: CVE-2021-37555

Export to Word

TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information

EPSS

Score: 0.00374
Percentile: 0.58256

CVSS Scoring

CVSS v3.1 Score: 9.8

Severity: CRITICAL

Mapped CWE(s)

CWE-798 : Use of Hard-coded Credentials

All CAPEC(s)

CAPEC-191: Read Sensitive Constants Within an Executable
CAPEC-70: Try Common or Default Usernames and Passwords

CAPEC(s) with Mapped TTPs

CAPEC-191: Read Sensitive Constants Within an Executable
Mapped TTPs:
- T1552.001 : Credentials In Files
CAPEC-70: Try Common or Default Usernames and Passwords
Mapped TTPs:
- T1078.001 : Default Accounts

Mapped ATT&CK TTPs

T1552.001 : Credentials In Files
Kill Chain: credential-access
T1078.001 : Default Accounts
Kill Chain: defense-evasion

Malware

APTs Threat Group Associations

Campaigns

Leviathan Australian Intrusions
HomeLand Justice

Affected Products

cpe:2.3:o:trixie:tx9_automatic_food_dispenser_firmware:3.2.57:*:*:*:*:*:*:*

← Back to Home