CVE-2024-57790

Name of the Vulnerable Software and Affected Versions IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) version 3.0

Description The issue concerns hardcoded root credentials stored in the non-volatile flash memory. This allows physically proximate attackers to gain root access via UART or SSH.

Recommendations For version 3.0, consider changing the hardcoded root credentials to unique, secure credentials to prevent unauthorized access. As a temporary workaround, restrict physical access to the device and limit SSH and UART connections to trusted sources until a patch is available.