Detections
Analytics

Advantech ADAM-6000 Use of Default Password (CVE-2008-5848)

critical Tenable OT Security Plugin ID 505341

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?63659f1c

http://www.nessus.org/u?d3fc4d28

http://www.ruxcon.org.au/presentations.shtml#13

Plugin Details

Severity: Critical

ID: 505341

File Name: tenable_ot_advantech_CVE-2008-5848.nasl

Version: 1.1

Type: Remote

Family: Tenable.ot

Published: 4/30/2026

Updated: 4/30/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2008-5848

Vulnerability Information

CPE: cpe:/h:advantech:adam-6017, cpe:/h:advantech:adam-6050, cpe:/h:advantech:adam-6052, cpe:/h:advantech:adam-6050w, cpe:/h:advantech:adam-6501, cpe:/h:advantech:adam-6015, cpe:/h:advantech:adam-6051, cpe:/h:advantech:adam-6022, cpe:/h:advantech:adam-6051w, cpe:/h:advantech:adam-6060, cpe:/h:advantech:adam-6018, cpe:/h:advantech:adam-6066, cpe:/h:advantech:adam-6060w, cpe:/h:advantech:adam-6024

Required KB Items: Tenable.ot/Advantech

Patch Publication Date: 1/6/2009

Vulnerability Publication Date: 1/6/2009

Reference Information

CVE: CVE-2008-5848

CWE: 1393