HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

Critical Hard‑coded Credential Vulnerability (CVE‑2026‑7786) in Jinan USR‑W610 IoT Converter Threatens Industrial Control Systems

CISA has flagged a critical CVE‑2026‑7786 flaw in Jinan USR‑IOT's USR‑W610 RS232/485‑to‑Wi‑Fi/Ethernet converter. The firmware contains plaintext admin credentials, allowing attackers to gain full device control. The issue impacts manufacturers worldwide and poses a severe third‑party risk.

LiveThreat™ Intelligence · 📅 May 28, 2026· 📰 cisa.gov
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
6 recommended
📰
Source
cisa.gov

Critical Hard‑coded Credential Vulnerability (CVE‑2026‑7786) in Jinan USR‑W610 RS232/485 to Wi‑Fi/Ethernet Converter Threatens Industrial Control Systems

What It Is – The USR‑W610 converter firmware embeds plaintext administrative credentials. Attackers can extract these credentials via firmware analysis and gain full admin control of the device.

Exploitability – The vulnerability is publicly disclosed (CVE‑2026‑7786) and rated CVSS 3.1 9.8 (Critical). No public exploit code has been released, but the attack requires only firmware download and static analysis, making exploitation feasible for skilled adversaries.

Affected Products – Jinan USR IOT Technology Limited (PUSR) USR‑W610 RS232/485 to Wi‑Fi/Ethernet Converter, firmware version 7.03T.07.

TPRM Impact – The device is widely deployed in critical manufacturing environments worldwide. Compromise can lead to unauthorized control of PLCs, production line shutdowns, and potential data leakage, representing a high‑impact supply‑chain risk for downstream manufacturers and service providers.

Recommended Actions

  • Immediately isolate USR‑W610 units from production networks.
  • Verify firmware version; if 7.03T.07, treat as compromised.
  • Apply any vendor‑provided firmware patches or, if unavailable, replace devices with secure alternatives.
  • Rotate all default and hard‑coded credentials on connected systems.
  • Conduct network traffic monitoring for anomalous device communication.
  • Document the exposure in your third‑party risk register and reassess the vendor’s security posture.

Source: CISA Advisory – ICS‑A‑26‑148‑02

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-02

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →