Security Advisory

CVE-2024-57811

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-13 00:00:00
Last updated 2025-01-16 17:27:35
Assigner mitre
State PUBLISHED

Description

In Eaton X303 3.5.16 - X303 3.5.17 Build 712, an attacker with network access to a XC-303 PLC can login as root over SSH. The root password is hardcoded in the firmware. NOTE: This vulnerability appears in versions that are no longer supported by Eaton.