CVE-2018-7510
Description
In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software versions prior to 4107600010.23, passwords are presented in plaintext in a file that is accessible without authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Plaintext passwords stored in accessible file allow unauthenticated attackers to obtain credentials on BeaconMedaes TotalAlert Scroll Medical Air Systems.
Vulnerability
The web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software versions prior to 4107600010.23 stores passwords in plaintext in a file that is accessible without authentication [1]. This is an instance of unprotected storage of credentials (CWE-256).
Exploitation
An attacker with network access to the integrated web server can retrieve the file containing plaintext passwords without requiring any authentication [1]. No user interaction or special privileges are needed.
Impact
Successful exploitation allows the attacker to obtain user credentials, leading to partial disclosure of device and web application setup information [1]. The vulnerability does not compromise patient health information or the ability of the device to deliver medical air as designed [1].
Mitigation
BeaconMedaes has addressed this vulnerability in software version 4107600010.23 [1]. Users should update to this version or later to mitigate the issue. No workarounds are provided in the advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <4107600010.23
- ICS-CERT/BeaconMedaes TotalAlert Scroll Medical Air Systems web applicationv5Range: All versions prior to version 4107600010.23
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- ics-cert.us-cert.gov/advisories/ICSMA-18-144-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.