Primary

Context

Weintek cMT X Series HMI EasyWeb Service Privilege Escalation Vulnerability

Vulnerability

A vulnerability exists in Weintek cMT X Series HMI EasyWeb Service, specifically in the cMT3072XH, cMT3072XH(T), cMT-SVRX-820, and cMT-CTRL01 versions. This vulnerability allows a low-privileged user to bypass account credentials without verifying the user's authentication state, potentially leading to unauthorized privilege escalation and full control of the device.

Impact

Exploitation of this vulnerability could allow a low-level user to alter privileges and gain full control of the device.

Added: Jan 22, 2026, 10:27 PM

Updated: Jan 22, 2026, 10:27 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.9

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.9

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Weintek cMT X Series HMI EasyWeb Service Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

Weintek cMT3072XH

Weintek cMT-SVRX-820

Weintek cMT-CTRL01

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating