Headline
CVE-2021-41297: TWCERT/CC台灣電腦網路危機處理暨協調中心-ECOA BAS controller - Insufficiently Protected Credentials-1
ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text.