Weintek cMT-3072XH2 VNC Component Unauthorized Access Vulnerability

Vulnerability

A vulnerability in the VNC component of Weintek cMT-3072XH2, easyweb v2.1.53, and OS v20231011, allows unauthorized attackers to access the HMI system. This issue arises from incorrect access control, enabling built-in service accounts to interact with the HMI VNC features beyond their intended permissions.

Impact

Exploitation of this vulnerability could lead to unauthorized control and interaction with the HMI system via VNC, allowing attackers to manipulate the interface and potentially disrupt controlled industrial processes.

Added: Mar 3, 2026, 8:34 PM

Updated: Mar 3, 2026, 10:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Weintek cMT-3072XH2 VNC Component Unauthorized Access Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating