Critical Hard‑coded Credential Vulnerability (CVE‑2026‑7786) in Jinan USR‑W610 RS232/485 to Wi‑Fi/Ethernet Converter Threatens Industrial Control Systems
What It Is – The USR‑W610 converter firmware embeds plaintext administrative credentials. Attackers can extract these credentials via firmware analysis and gain full admin control of the device.
Exploitability – The vulnerability is publicly disclosed (CVE‑2026‑7786) and rated CVSS 3.1 9.8 (Critical). No public exploit code has been released, but the attack requires only firmware download and static analysis, making exploitation feasible for skilled adversaries.
Affected Products – Jinan USR IOT Technology Limited (PUSR) USR‑W610 RS232/485 to Wi‑Fi/Ethernet Converter, firmware version 7.03T.07.
TPRM Impact – The device is widely deployed in critical manufacturing environments worldwide. Compromise can lead to unauthorized control of PLCs, production line shutdowns, and potential data leakage, representing a high‑impact supply‑chain risk for downstream manufacturers and service providers.
Recommended Actions –
- Immediately isolate USR‑W610 units from production networks.
- Verify firmware version; if 7.03T.07, treat as compromised.
- Apply any vendor‑provided firmware patches or, if unavailable, replace devices with secure alternatives.
- Rotate all default and hard‑coded credentials on connected systems.
- Conduct network traffic monitoring for anomalous device communication.
- Document the exposure in your third‑party risk register and reassess the vendor’s security posture.
Source: CISA Advisory – ICS‑A‑26‑148‑02