Description
Tyler Identity Local (TID-L) uses documented, default administrative credentials. Users are not required to change the credentials before deployment. TID-L has not been distributed since December 2020, and has not been supported since 2021.
Published: 2026-05-19
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Tyler Identity Local (TID‑L) ships with documented default administrative credentials that users are not required to change before deployment. This flaw allows an attacker who knows or discovers the default username and password to obtain full administrative control of the system, potentially compromising confidentiality, integrity, and availability of the data and services managed by TID‑L. The weakness is a classic example of weeding out hardcoded defaults and is cataloged as CWE‑1392.

Affected Systems

The affected product is Tyler Technologies’ Tyler Identity Local (TID‑L). No specific version numbers are published; it has not been distributed since December 2020 and is no longer supported as of 2021.

Risk and Exploitability

The likely attack vector is local or remote deployment access, because the credentials are documented and remain unchanged after installation. With a CVSS score of 9.3 the vulnerability is rated Very High. The EPSS score is not available, and it is not currently listed in CISA’s KEV catalog. Nevertheless, any new or existing deployment of TID‑L carries a high risk of an attacker gaining full administrative privileges by simply using the documented default credentials.

Generated by OpenCVE AI on May 19, 2026 at 15:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Discontinue any new deployments of TID‑L.
  • For existing installations, promptly change the administrative credentials and verify the change.
  • Audit the system configuration to ensure no residual default accounts remain and restrict management access to trusted hosts.

Generated by OpenCVE AI on May 19, 2026 at 15:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 20 May 2026 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Tyler Technologies
Tyler Technologies tid-l
Vendors & Products Tyler Technologies
Tyler Technologies tid-l

Tue, 19 May 2026 14:30:00 +0000

Type Values Removed Values Added
Description Tyler Identity Local (TID-L) uses documented, default administrative credentials. Users are not required to change the credentials before deployment. TID-L has not been distributed since December 2020, and has not been supported since 2021.
Title Tyler Identity Local (TID-L) default administrative credentials
Weaknesses CWE-1392
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Tyler Technologies Tid-l
cve-icon MITRE

Status: PUBLISHED

Assigner: cisa-cg

Published:

Updated: 2026-05-19T13:45:06.907Z

Reserved: 2026-05-05T14:32:29.625Z

Link: CVE-2026-44159

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-19T15:16:31.180

Modified: 2026-05-19T17:57:25.143

Link: CVE-2026-44159

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-20T10:39:18Z

Weaknesses