CVE-2021-35961 CRITICAL

CVE-2021-35961: TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded Credentials

Vendor Taiwan Secom Co., Ltd.,
Product Door Access Control and Personnel Attendance Management system
Weakness CWE-798 · Hardcoded credentials
Published July 16, 2021
Last update September 17, 2024

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.

Key dates

02Disclosure timeline

July 16, 2021 CVE published
September 17, 2024 Record updated