Primary

Context

Sunbird DCIM dcTrack and Power IQ Hard-Coded Credentials Vulnerability

Vulnerability

Patched

A vulnerability exists in Sunbird DCIM dcTrack and Power IQ platforms, all versions through 9.2.0, allowing the use of default and hard-coded credentials for access. This vulnerability could enable an attacker to manage the database, escalate privileges on the platform, or execute system commands on the host.

Impact

Exploitation of this vulnerability could lead to unauthorized access, privilege escalation, and the ability to execute system commands on the host.

Remediation

Users are advised to update Sunbird DCIM dcTrack to version 9.2.3 and Power IQ to version 9.2.1. If an immediate update is not possible, Sunbird recommends restricting SSH or any non-essential port access in the IP Based Access Control and changing passwords for SSH-based user accounts at the time of deployment.

Added: Dec 4, 2025, 9:24 PM

Updated: Dec 4, 2025, 9:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sunbird DCIM dcTrack and Power IQ Hard-Coded Credentials Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Sunbird DCIM dcTrack

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating