SUR-FBD CMMS Hard-Coded Credentials Vulnerability Allowing Administrative Access

Vulnerability

A vulnerability exists in SUR-FBD CMMS due to hard-coded credentials embedded in a compiled DLL file. These credentials are linked to a built-in administrative account. An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a full compromise of the application's administrative functions. This vulnerability affects all versions of SUR-FBD CMMS prior to 2025.03.27.

Impact

Exploitation of this vulnerability could give an attacker unauthorized access to the administrative functions of the SUR-FBD CMMS application, resulting in a complete compromise of its administrative capabilities.

Remediation

Users can upgrade to SUR-FBD CMMS version 2025.03.27 or later to address this vulnerability.
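
One way to apply this remediation across many installations is to triage an inventory against the fixed release. The following is an added example, not part of the original advisory or the vendor's code. It assumes versions are dotted numeric strings in the form the advisory uses (2025.03.27); the host names and sample versions are constructed.

```python
from typing import Iterable, NamedTuple

FIXED_VERSION = "2025.03.27"  # first fixed release, per the advisory


class Finding(NamedTuple):
    host: str
    version: str
    status: str  # "affected", "fixed" or "unknown"


def parse_version(text: str) -> tuple[int, ...]:
    """Parse a dotted numeric version such as '2025.03.27' into ints.

    Raises ValueError for anything else, so a malformed inventory entry
    is reported as unknown instead of silently passing as patched.
    """
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(inventory: Iterable[tuple[str, str]]) -> list[Finding]:
    """Classify each (host, version) pair against FIXED_VERSION."""
    fixed = parse_version(FIXED_VERSION)
    findings = []
    for host, version in inventory:
        try:
            # Integer comparison, so '2025.3.26' and '2025.03.26' are equal.
            status = "affected" if parse_version(version) < fixed else "fixed"
        except ValueError:
            status = "unknown"  # needs manual review; do not assume patched
        findings.append(Finding(host, version, status))
    return findings


# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = [
    ("cmms-app-01", "2024.11.05"),
    ("cmms-app-02", "2025.03.27"),
    ("cmms-app-03", "2025.3.26"),
    ("cmms-test-01", "2025.04.02.1"),
    ("cmms-legacy", "unknown build"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.host:14} {f.version:14} {f.status}")
```

Entries reported as "unknown" should be checked by hand, since an unreadable version string says nothing about whether the fix is installed.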

Added: Jul 7, 2025, 9:18 AM
Updated: Jul 7, 2025, 9:18 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 3.3
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.