Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-8605: ScadaBR 1.2.0: Hard-Coded Admin Credentials

CVE-2026-8605

Summary

ScadaBR's admin credentials are hardcoded, allowing unauthorized access to the SCADA system. This is a serious risk because an attacker can gain full control of the system. Update to a fixed version of ScadaBR to prevent unauthorized access.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions
scadabr	scadabr	1.2 `cpe:2.3:a:scadabr:scadabr:1.2:::::::*`

Original title

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.

Original description

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.

nvd CVSS4.0 5.1

Vulnerability type

CWE-798 Use of Hard-coded Credentials

https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03

Published: 19 May 2026 · Updated: 28 May 2026 · First seen: 19 May 2026