Description
Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.
Published: 2026-05-12
Score: 9.2 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Ingecon Sun EMS Board generates local SAT access credentials using a weak hash instead of a secure cryptographic algorithm. This flaw allows an attacker who can reach the SAT interface to infer the secret credentials and gain privileged control over the board, potentially compromising the entire energy management system.

Affected Systems

Ingeteam’s Ingecon Sun EMS Board is affected, including models aax1031co, aax1055cu, abh1007aa, abh1027_l, abs1005_u, abs1009_p, abu1001_q, acb1005_c, acl1200am, and acl1201_c, across all versions, because the vulnerability exists in the base firmware.

Risk and Exploitability

With a CVSS score of 9.2, this vulnerability is considered Critical. The EPSS score is not available, and it is not currently listed in the CISA KEV catalog. The likely attack vector is local access to the SAT interface; once the weak credentials are derived, the attacker can escalate to higher privilege levels and potentially disrupt or manipulate EMS operations.

Generated by OpenCVE AI on May 12, 2026 at 11:20 UTC.

Remediation

Vendor Solution

The risk has been mitigated with the release of a patch applicable to all versions, developed in December 2025. It is recommended that users update to the newer versions.


OpenCVE Recommended Actions

  • Apply the December 2025 firmware patch released by Ingeteam to all affected boards
  • Disable the local SAT access interface if it is not required for operations
  • Configure the SAT interface to require multi‑factor authentication or other strong authentication mechanisms

Advisories

No advisories yet.

History

Tue, 12 May 2026 13:15:00 +0000

Changes (values added; none removed):

  Metrics: ssvc
    {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 May 2026 10:15:00 +0000

Changes (values added; none removed):

  Description: Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.
  Title: Insecure generation of SAT access credentials in Ingecon EMS Board
  First Time appeared: Ingeteam; Ingeteam ingecon Sun Ems Board
  Weaknesses: CWE-327
  CPEs:
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:aax1031co:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:aax1055cu:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abh1007aa:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abh1027_l:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abs1005_u:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abs1009_p:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abu1001_q:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acb1005_c:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acl1200am:*:*:*:*:*:*:*
    cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acl1201_c:*:*:*:*:*:*:*
  Vendors & Products: Ingeteam; Ingeteam ingecon Sun Ems Board
  References:
  Metrics: cvssV4_0
    {'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: INCIBE

Published:

Updated: 2026-05-12T12:19:29.775Z

Reserved: 2026-05-07T09:46:15.152Z

Link: CVE-2026-8072

Vulnrichment

Updated: 2026-05-12T12:19:15.314Z

NVD

Status: Received

Published: 2026-05-12T10:16:48.670

Modified: 2026-05-12T10:16:48.670

Link: CVE-2026-8072

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T11:30:14Z
