Detections
Analytics
Default Credentials
Description
Adversaries may leverage manufacturer or supplier set default credentials on control system devices. These default credentials may have administrative permissions and may be necessary for initial configuration of the device. It is general best practice to change the passwords for these accounts as soon as possible, but some manufacturers may have devices that have passwords or usernames that cannot be changed.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Lateral Movement
Technique: Default Credentials
Products Required: Tenable Vulnerability Management and Tenable OT Security