Vulnerability: Hard-coded Secrets and MAC Address Calculation in Loxone Miniserver Go Gen.2
CVE-2023-36623 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges.
Learn more about our Cis Benchmark Audit For Server Software.