【資安漏洞預警】IEI 威強電工業電腦|iRM-IEI Remote Management - Hardcoded Credentials
[Security Vulnerability Alert] IEI Integration Corp. | iRM-IEI Remote Management - Hardcoded Credentials

發布單位:圖資處數位服務組
日期範圍:2026/6/17 ~ 2026/12/17
 
發布單位:圖資處數位服務組
日期範圍:2026/6/17 ~ 2026/12/17
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202606-00000014

[內容說明]
【IEI 威強電工業電腦|iRM-IEI Remote Management - Hardcoded Credentials】(CVE-2026-11849,CVSS:9.8) 未經身分鑑別之遠端攻擊者可利用hard-coded之帳號通行碼取得資料庫最高權限。

[影響平台]
iRM-TSi410X v1.4.19(不含)以前版本

[建議措施]
更新至 iRM TSi410X v1.4.19(含)以後版本

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202606-00000014

[Content Description]
【IEI Integration Corp. | iRM-IEI Remote Management - Hardcoded Credentials】(CVE-2026-11849, CVSS: 9.8) An unauthenticated remote attacker can use hard-coded account access codes to gain root access to the database.

[Affected Platforms]
iRM-TSi410X versions prior to v1.4.19

[Recommended Action]
Update to iRM TSi410X v1.4.19 or later.


相關附件
【返回上頁】
Top↑