CVE-2026-8072— Insecure generation of SAT access credentials in Ingecon EMS Board
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8072
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure generation of SAT access credentials in Ingecon EMS Board
Source: NVD (National Vulnerability Database)
Vulnerability Description
Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ingeteam Ingecon Sun EMS Board 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ingeteam Ingecon Sun EMS Board是Ingeteam公司的一款面向光伏发电与能源管理场景的控制与通信扩展板卡。 Ingeteam Ingecon Sun EMS Board存在加密问题漏洞,该漏洞源于本地SAT技术访问功能中凭据生成不安全,秘密访问凭据基于弱哈希算法而非安全加密方案,可能导致攻击者进行权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Ingeteam | Ingecon Sun EMS Board | 0 ~ AAX1055CT | - |
II. Public POCs for CVE-2026-8072
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8072
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-327
- CVE-2026-6411
MAXHUB Pivot Client Application Use of a Broken or Risky Cry - CVE-2026-44405
Paramiko 加密问题漏洞 - CVE-2026-32959
Silex SD-330AC和Silex AMC Manager 安全漏洞 - CVE-2026-5588
PKIX draft CompositeVerifier accepts empty signature sequenc - CVE-2025-14813
GOSTCTR implementation unable to process more than 255 block
V. Comments for CVE-2026-8072
No comments yet