PT-2021-21547 · Swisslog · Swisslog Healthcare Nexus Panel

Published: 2021-08-02 · Updated: 2023-08-08 · CVE-2021-37167

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Swisslog Healthcare Nexus Panel versions prior to 7.2.5.7

Description: An insecure permissions issue was discovered in the HMI3 Control Panel of the Swisslog Healthcare Nexus Panel. This issue allows a user logged in using the default credentials to gain root access to the device, providing permissions for all of the device's functionality.

Recommendations: For versions prior to 7.2.5.7, update to version 7.2.5.7 or later to resolve the issue. As a temporary workaround, consider changing the default credentials to prevent unauthorized access. Restrict access to the device until the update can be applied to minimize the risk of exploitation.

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers: CVE-2021-37167

Affected Products: Swisslog Healthcare Nexus Panel