Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2026-7251: Eppendorf BioFlo 320: Remote Access Password Exposed
CVE-2026-7251
Summary
Eppendorf's BioFlo 320 bioreactor's remote access feature has a hardcoded password, allowing an attacker with network access to control the device. This poses a significant risk to sensitive bioprocessing operations. To mitigate this, Eppendorf should update the BioFlo 320 software to use a randomly generated password or disable remote access if not in use.
Original title
Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain...
Original description
Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-259
Published: 26 May 2026 · Updated: 28 May 2026 · First seen: 26 May 2026