OTPulse
FeedAboutContact

EasyIO-30P-SF Hard-Coded Credential Vulnerability

Low RiskICS-CERT ICSA-15-237-02May 28, 2015
Summary

EasyIO 30P-SF controllers contain hard-coded credentials in their firmware that cannot be changed or disabled. An attacker with network access can use these credentials to gain full administrative access to the controller. All firmware versions prior to build v0.5.21 (for the 0.5.x line) and v2.0.5.21 (for the 2.0.x line) are affected. The vendor has not released patches and does not plan to fix this vulnerability.

What this means
What could happen
An attacker with network access to the 30P-SF controller can log in using hard-coded credentials to gain administrative control, potentially altering process parameters, stopping operations, or modifying system configuration in water/wastewater or utility plants.
Who's at risk
Water and wastewater utilities, municipal electric systems, and industrial facilities using EasyIO 30P-SF controllers for process automation and control. This affects legacy control hardware that may be embedded in SCADA or process control systems.
How it could be exploited
An attacker discovers the hard-coded credentials embedded in the 30P-SF controller firmware. The attacker connects to the controller's management interface (likely Modbus, web portal, or proprietary protocol) over the network and authenticates using these credentials, gaining full administrative access without needing to discover or crack a password.
Prerequisites
  • Network connectivity to the 30P-SF controller's management port
  • Knowledge of the hard-coded credentials (embedded in firmware)
  • No additional authentication or special configuration required
Hard-coded credentials in firmwareNo patch available (end-of-life product)Remotely exploitable over networkCould affect critical process control operationsNo authentication bypass needed once credentials are known
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (2)
2 EOL
ProductAffected VersionsFix Status
30P-SF controller all firmware prior to build: v0.5.21v0.5.21No fix (EOL)
30P-SF controller all firmware prior to build: v2.0.5.21v2.0.5.21No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2
HARDENINGImplement strict network segmentation to isolate the 30P-SF controller from untrusted networks; restrict administrative access to engineering workstations only
WORKAROUNDDeploy firewall rules to block unauthorized access to the controller's management interface; whitelist only known engineering and monitoring systems
Mitigations - no patch available
0/2
The following products have reached End of Life with no planned fix: 30P-SF controller all firmware prior to build: v0.5.21, 30P-SF controller all firmware prior to build: v2.0.5.21. Apply the following compensating controls:
HARDENINGMonitor network traffic to the controller for suspicious login attempts or administrative commands
HARDENINGEvaluate replacement or retirement of affected 30P-SF controllers with firmware prior to v0.5.21 or v2.0.5.21, since no patch is planned
View full CISA ICS-CERT advisory
โ†‘โ†“ Navigate ยท Esc Close
API: /api/v1/advisories/22d5d3a0-3ab9-4501-8fa3-6668ba83cee0
EasyIO-30P-SF Hard-Coded Credential Vulnerability - OTPulse