H3-2021-0015

Weak or Default Credentials - SNMP

Description

A weak or default SNMP community string was found. This security weakness exists because these credentials are frequently left unchanged during or after deployment. An attacker can exploit this weakness by using automated tools or manual techniques to guess the SNMP community strings, which are a type of password, to gain unauthorized access to network devices and their management functions.

Impact

Using the weak or default SNMP community string, an attacker can gain significant visibility into the device, such as its configuration, running processes and active network connections. Depending on the access level, they may also be able to reconfigure the device and potentially disrupt network operations.

References

• CWE-521: Weak Password Requirements
• MITRE ATT&CK Technique: T1110: Brute Force
• MITRE ATT&CK Technique: T1078.001: Valid Accounts: Default Accounts