CVE-2020-9306 HIGH

CVE-2020-9306

Vendor N/A
Product n/a
Published February 17, 2021
Last update August 4, 2024

CVSS base score

8.8/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N

What the vulnerability does

01Description

Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.

Key dates

02Disclosure timeline

February 17, 2021 CVE published
August 4, 2024 Record updated