Vulnerability: Bypassing POSIM EVO Login Prompt via Emergency Override Account

CVE-2018-15807 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt.

Learn more about our Web Application Penetration Testing UK.