Bosch Rexroth ctrlX OS Password Recovery Vulnerability in User Configuration File

Vulnerability

A vulnerability exists in the user configuration file of Bosch Rexroth ctrlX OS that may allow a remote authenticated (low-privileged) attacker to retrieve plaintext passwords of other users. The issue stems from inadequate password hashing practices, which let an attacker with authenticated access extract this sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to other users' plaintext passwords, potentially allowing for further exploitation or impersonation.

Remediation

Users are advised to update to the latest versions of the affected applications. The update process may require a device reboot. To check if the update has been applied, use the device's package management system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.