PT-2018-13219 · Posim · Posim Evo

Published: 2018-08-23 · Updated: 2019-10-03 · CVE-2018-15807

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

POSIM EVO version 15.13 for Windows

Description

The issue concerns an "Emergency Override" administrative account in POSIM EVO that can be accessed through the "override" feature. This feature uses a locally computed code based on a deterministic algorithm, which can potentially be generated by an attacker. As a result, an attacker may bypass the POSIM EVO login prompt.

Recommendations

For POSIM EVO version 15.13 for Windows, consider disabling the "override" feature until a patch is available to prevent potential bypass of the login prompt. Restrict access to the "Emergency Override" administrative account to minimize the risk of exploitation.

Fix

Weakness Enumeration

Use of Insufficiently Random Values

Related Identifiers

CVE-2018-15807

Affected Products

Posim Evo