CVE-2026-6284
CRITICALDescription
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-6284? +
How severe is CVE-2026-6284? +
How do I check if I'm vulnerable to CVE-2026-6284? +
Related Vulnerabilities
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through …
KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any …
Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After …
No password for the root user is set in Novakon P series. This allows phyiscal attackers to enter the console …
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a brute-force …
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and farm. Due to a combination of …