# Critical Vulnerability Discovered in Jinan USR IOT Device: Hardcoded Credentials Expose Administrator Access
A critical vulnerability has been identified in the **Jinan USR IOT Technology Limited (PUSR)** USR-W610 RS232/485 to Wi-Fi/Ethernet Converter. The flaw, stemming from hardcoded credentials, could allow attackers to gain administrator access to affected devices, impacting critical infrastructure sectors.
## Hardcoded Credentials in Jinan USR IOT Device Lead to Potential Administrator Access
Security researchers have uncovered a significant vulnerability affecting the **Jinan USR IOT Technology Limited (PUSR)** USR-W610 RS232/485 to Wi-Fi/Ethernet Converter. The issue, tracked as **CVE-2026-7786**, arises from the use of hardcoded administrative credentials within the device firmware.
### Vulnerability Details
The firmware image contains administrative credentials embedded in plaintext. An attacker who obtains the firmware can extract these credentials through analysis and then use them to authenticate to device services, gaining full administrative control.
The affected product is:
* **Jinan USR IOT Technology Limited (PUSR)** USR-W610 RS232/485 to Wi-Fi/Ethernet Converter version 7.03T.07
This vulnerability is classified under **CWE-798**, which specifically addresses the "Use of Hard-coded Credentials" weakness.
### Impact
Successful exploitation of this vulnerability grants an attacker administrator-level access to the affected device. This could lead to:
* Device compromise
* Data theft
* Disruption of services
* Potential lateral movement within the network
Given that these devices are often deployed in critical infrastructure sectors, the potential impact is substantial.
### Affected Sectors & Geography
* **Critical Infrastructure Sectors:** Critical Manufacturing
* **Countries/Areas Deployed:** Worldwide
* **Company Headquarters Location:** China
### Remediation
Currently, there is no patch available from the vendor, so **CISA** recommends the following mitigations:
* **Minimize Network Exposure:** Ensure control system devices and systems are not directly accessible from the internet.
* **Network Segmentation:** Locate control system networks and remote devices behind firewalls, isolating them from business networks.
* **Secure Remote Access:** If remote access is required, use secure methods such as Virtual Private Networks (VPNs). Keep VPNs updated to the latest versions.
* **Impact Analysis and Risk Assessment:** Perform thorough impact analysis and risk assessment before deploying any defensive measures.
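
With no patch available, the practical first step is finding which deployed units match the advisory and which of the mitigations above they currently miss. The following is an added example, not code from CISA or the vendor. It assumes a hypothetical CSV asset inventory with the column names shown, and a site-specific internal OT range of `10.20.0.0/16`; all hostnames and addresses are constructed.

```python
import csv
import io
import ipaddress

# Product and version exactly as listed in the advisory text above.
AFFECTED_MODEL = "USR-W610"
AFFECTED_VERSION = "7.03T.07"

# Assumption: address space this (hypothetical) site treats as internal OT.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed sample inventory; hostnames, columns and addresses are invented.
SAMPLE_INVENTORY = """\
hostname,model,firmware,mgmt_ip,zone,remote_access
press-gw-01,USR-W610,7.03T.07,10.20.1.15,ot,vpn
press-gw-02,usr-w610,7.03T.07,203.0.113.10,ot,port-forward
office-conv-01,USR-W610,7.03T.07,10.20.9.8,business,none
plc-gw-07,OTHER-GW,1.2.0,10.20.3.3,ot,none
"""


def audit(inventory_csv):
    """Return {hostname: [mitigation gaps]} for every affected device."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if (row["model"].strip().upper() != AFFECTED_MODEL
                or row["firmware"].strip() != AFFECTED_VERSION):
            continue  # not the product/version named in the advisory
        gaps = []
        addr = ipaddress.ip_address(row["mgmt_ip"].strip())
        # Minimize Network Exposure: address must sit inside the internal range.
        if not any(addr in net for net in INTERNAL_NETS):
            gaps.append("management address outside internal OT range")
        # Network Segmentation: device must not live in the business zone.
        if row["zone"].strip().lower() != "ot":
            gaps.append("not isolated from business network")
        # Secure Remote Access: only "none" or "vpn" is acceptable.
        if row["remote_access"].strip().lower() not in ("none", "vpn"):
            gaps.append("remote access not via VPN")
        results[row["hostname"]] = gaps
    return results


if __name__ == "__main__":
    for host, gaps in audit(SAMPLE_INVENTORY).items():
        print(host, "OK" if not gaps else "; ".join(gaps))
```

An affected device with an empty gap list still carries the hardcoded credentials; the list only shows which compensating controls are in place around it.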
### Acknowledgements
**Arun Mane** and **Omkar Mali** reported this vulnerability to **CISA**.
### References
* [View CSAF](https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-02.json)
* [CVE-2026-7786 Details](https://www.cve.org/CVERecord?id=CVE-2026-7786)
* [CWE-798](https://cwe.mitre.org/data/definitions/798.html)