CVE-2022-29953 Information

Description

The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02 https://www.forescout.com/blog/