The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality.
Add your gear to cvedb and we'll alert you only when bakerhughes ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.