Hardcoded Passwords in Swisslog Healthcare Nexus HMI3 Control Panel

Hardcoded Passwords in Swisslog Healthcare Nexus HMI3 Control Panel

CVE-2021-37163 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded.

Learn more about our User Device Pen Test.