HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Critical Credential Vulnerabilities in MacGregor Voyage Data Recorder (CVE-2026-42941) Endanger Maritime Operations

CVE‑2026‑42941 exposes default, hard‑coded, and weakly protected credentials in Danelec's MacGregor Voyage Data Recorder (VDR) G4e. Attackers can gain full admin access, threatening shipping firms, port operators, and downstream analytics services. Immediate firmware updates and credential hardening are required.

LiveThreat™ Intelligence · 📅 May 28, 2026· 📰 cisa.gov
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
4 recommended
📰
Source
cisa.gov

Critical Credential Vulnerabilities in MacGregor Voyage Data Recorder (VDR) G4e (CVE‑2026‑42941) Threaten Maritime Operations

What It Is — The MacGregor Voyage Data Recorder (VDR) G4e ships with default, hard‑coded, and insufficiently protected credentials, allowing an adversary to obtain full administrator access. The flaw is tracked as CVE‑2026‑42941 and carries a CVSS v3.1 base score of 8.3 (High).

Exploitability — Exploits are trivial: knowledge of the default username/password or capture of weak password hashes is enough to gain admin rights. No sophisticated tooling is required, making the vulnerability actively exploitable in the wild.

Affected Products — Danelec MacGregor Voyage Data Recorder (VDR) G4e firmware < V5.250 (all versions prior to the vendor‑issued fix).

TPRM Impact — Shipping companies, port authorities, and logistics service providers that depend on VDR data for compliance, safety reporting, and operational analytics face:

  • Unauthorized alteration or deletion of voyage logs, jeopardizing regulatory compliance.
  • Potential disruption of vessel navigation and safety systems if the recorder is leveraged as a pivot point.
  • Down‑stream risk to third‑party analytics platforms that ingest VDR data, creating a supply‑chain attack vector.

Recommended Actions

  • Update firmware to Danelec’s V5.250 release at the earliest service attendance.
  • Reset all default credentials and enforce strong, unique passwords for each device.
  • Disable unnecessary remote‑access services and place VDRs on isolated VLANs or air‑gapped networks.
  • Implement continuous monitoring of VDR authentication logs and network traffic for anomalous activity.
  • Document remediation in your third‑party risk register and verify compliance during the next audit cycle.

Source: CISA Advisory – ICSA‑26‑148‑01

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-01

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →