Novakon P Series Root User Weak Authentication Vulnerability
Vulnerability
A vulnerability exists in the Novakon P Series HMI devices, specifically in version V2001.A.C518o2, where the root user is not assigned a password. Because the account has no password, an attacker with physical access can log in at the console as root. The vulnerability was discovered as part of a broader analysis that identified multiple security issues within the Novakon HMI series.
Impact
Exploitation of this vulnerability allows unauthorized access to the device's console as the root user, potentially leading to further exploitation of the device.
Reproduction
The vulnerability can be reproduced by physically accessing the device and logging in as the root user without a password. This can be done by crashing the PSeriesbiosinterface, which drops a login prompt directly on the device, or by exploiting the UDP service weak authentication vulnerability (CVE-2025-9965) to gain initial access and then spawning a telnet session as root.
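A defender can check for this condition in an extracted firmware root filesystem or on a device under their control. The script below is an added example, not code from the advisory or from Novakon; it assumes the device stores accounts in Unix-style passwd and shadow files, which the advisory does not state, and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: list accounts that can log in with an empty password.
# Assumption: Unix-style passwd(5)/shadow(5) account files; the advisory
# does not describe how the device stores its accounts.

# find_empty_passwords PASSWD_FILE [SHADOW_FILE]
# Prints "name uid" for every account whose effective password field is empty.
find_empty_passwords() {
    awk -F: -v shadow="${2:-/dev/null}" '
        BEGIN {
            # Load the shadow file first: field 2 is the hash, empty = no password.
            while ((getline line < shadow) > 0) {
                n = split(line, f, ":")
                if (n >= 2) { in_shadow[f[1]] = 1; hash[f[1]] = f[2] }
            }
        }
        /^#/ || NF < 3 { next }      # skip comments and malformed lines
        {
            pw = $2
            # "x" in passwd means the real value lives in the shadow file.
            if (pw == "x" && ($1 in in_shadow)) pw = hash[$1]
            # An empty field in either file means login needs no password.
            if (pw == "") print $1, $3
        }
    ' "$1"
}

# Constructed sample files (not taken from a real device):
# root has an empty shadow hash, svc has an empty passwd field,
# daemon is locked with "*".
demo_constructed_rootfs() {
    d=$(mktemp -d)
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/sh' \
        'daemon:x:1:1::/:/bin/false' \
        'svc::1000:1000::/home/svc:/bin/sh' > "$d/passwd"
    printf '%s\n' \
        'root::19000:0:99999:7:::' \
        'daemon:*:19000:0:99999:7:::' > "$d/shadow"
    find_empty_passwords "$d/passwd" "$d/shadow"
    rm -rf "$d"
}

demo_constructed_rootfs
```

Any line reported with UID 0 corresponds to the condition described in this advisory; point the function at the `etc/passwd` and `etc/shadow` of an unpacked image to audit it offline.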
