CVEs-PoC/2020/CVE-2020-7590.md

### [CVE-2020-7590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7590)
![](https://img.shields.io/static/v1?label=Product&message=DCA%20Vantage%20Analyzer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-259%3A%20Use%20of%20Hard-coded%20Password&color=brighgreen)

### Description

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.

### POC

#### Reference
- https://www.siemens-healthineers.com/support-documentation/security-advisory

#### Github
No PoCs found on GitHub currently.