https://techcrunch.com/2019/05/02/orpak-gas-station-password/
By Zack Whittaker
TechCrunch
May 2, 2019
Homeland Security’s cybersecurity agency says a popular gas station software
contains several security vulnerabilities that require “low skill” to exploit.
The advisory, posted by the Cybersecurity and Infrastructure Security Agency
(CISA), gave the Orpak SiteOmat software a rare vulnerability severity rating
of 9.8 out of 10.
Orpak’s SiteOmat systems monitor the amount of fuel stored in a gas station’s
tanks, as well as their temperature and pressure. The software also sets the
price of the gas and processes card payments. Its user interface is password
protected, preventing unauthorized access to its data or configuration.
According to the advisory, the software contained a hardcoded password set by
the manufacturer, which if used would grant unfettered access to the system.
CISA didn’t publish the password.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
