Nicolas Harsey

**Name of the Vulnerable Software and Affected Versions** Baker Hughes Bentley Nevada 3500 System 1 6.x versions 6.98 and prior Baker Hughes Bentley Nevada 3500 System 1 versions 21.1 HF1 and prior Baker Hughes Bentley Nevada 3500 Rack Configuration versions 6.4 and prior Baker Hughes Bentley Nevada 3500/22M Firmware versions 5.05 and prior **Description** The affected products utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access. **Recommendations** For Baker Hughes Bentley Nevada 3500 System 1 6.x versions 6.98 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500 System 1 versions 21.1 HF1 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500 Rack Configuration versions 6.4 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500/22M Firmware versions 5.05 and prior, consider updating to a version that utilizes a stronger encryption algorithm. As a temporary workaround, consider restricting access to sensitive data until a patch is available.