CVE-2021-37163

Name of the Vulnerable Software and Affected Versions Swisslog Healthcare Nexus versions prior to 7.2.5.7

Description An insecure permissions issue was discovered in the HMI3 Control Panel of Swisslog Healthcare Nexus. The device has two user accounts with hardcoded passwords.

Recommendations For versions prior to 7.2.5.7, update to version 7.2.5.7 or later to resolve the issue. As a temporary workaround, consider changing the hardcoded passwords of the two user accounts to unique and secure passwords until a patch is available. Restrict access to the HMI3 Control Panel to minimize the risk of exploitation.