Thomas Hayen

Name of the Vulnerable Software and Affected Versions: SUR-FBD CMMS versions prior to 2025.03.27 Description: A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. Recommendations: For versions prior to 2025.03.27, update to version 2025.03.27 to resolve the issue. As a temporary workaround, consider restricting access to the administrative functions of the software until the update can be applied.