Description
Eppendorf BioFlo 320 is vulnerable due to its VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features of the BioFlo 320. VNC traffic is not encrypted.
Published: 2026-05-26
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Eppendorf BioFlo 320 is vulnerable because its VNC server uses a hard‑coded password. A remote attacker who knows the device’s network address and finds remote access enabled can log in with this password and gain full control of the user interface, giving access to all control panel features. VNC traffic is not encrypted, allowing attackers to intercept or alter data in transit.

Affected Systems

The affected product is the Eppendorf BioFlo 320. All units shipped with VNC disabled by default, and the feature can only be enabled locally at the tower. Any BioFlo 320 that has VNC enabled is vulnerable.

Risk and Exploitability

The CVSS score is 9.3, indicating critical severity. The EPSS score is below 1%, indicating a relatively low likelihood of exploitation in the wild, although the hard‑coded password and the lack of encryption mean that exploitation remains feasible. The vulnerability is not listed in the CISA KEV catalog, but the attack vector is remote network access, and an attacker could exploit it without privileged credentials or local access.

Generated by OpenCVE AI on June 4, 2026 at 22:51 UTC.

Remediation

Vendor Solution

Eppendorf has released a software update that permanently removes VNC access from the controller. Users should download and apply this update from: https://www.eppendorf.com/software-downloads

All affected BioFlo 320 systems always shipped with Virtual Network Computing (VNC) disabled by default, and VNC can only be enabled locally at the tower. Eppendorf has removed VNC configuration information from all current documentation, so it no longer appears in BioFlo 320 Operating Manuals.

Eppendorf recommends users do the following:
  • Verify that VNC is disabled on the controller
  • Enable security so that only Admin and Supervisor roles can change VNC settings
  • Install Version 5.0 Software as soon as possible


OpenCVE Recommended Actions

  • Download and apply the Eppendorf V5.0 software update that permanently removes VNC access from the controller.
  • Verify that VNC remains disabled on all BioFlo 320 controllers after the update.
  • Configure role‑based security so that only Admin or Supervisor users can change VNC settings, preventing accidental re‑enablement.

Generated by OpenCVE AI on June 4, 2026 at 22:51 UTC.

Advisories

No advisories yet.

History

Thu, 04 Jun 2026 21:30:00 +0000

Type: Description
Values Removed: Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted.
Values Added: Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted.

Wed, 27 May 2026 10:30:00 +0000

Type: First Time appeared
Values Added: Eppendorf; Eppendorf bioflo 320
Type: Vendors & Products
Values Added: Eppendorf; Eppendorf bioflo 320

Tue, 26 May 2026 19:30:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 26 May 2026 18:00:00 +0000

Type: Description
Values Added: Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have full access to all control panel features for the BioFlo 320. VNC traffic is not encrypted.
Type: Title
Values Added: Eppendorf BioFlo 320 Use of hard-coded password
Type: Weaknesses
Values Added: CWE-259
Type: References
Type: Metrics
Values Added: cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
Values Added: cvssV4_0 {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-06-04T21:10:51.687Z

Reserved: 2026-04-27T18:37:39.380Z

Link: CVE-2026-7251

Vulnrichment

Updated: 2026-05-26T18:39:14.922Z

NVD

Status : Awaiting Analysis

Published: 2026-05-26T18:16:55.347

Modified: 2026-06-04T22:16:54.333

Link: CVE-2026-7251

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-04T23:00:15Z

Weaknesses
  • CWE-259

    Use of Hard-coded Password