Hardcoded Credentials
Adversaries may leverage credentials that are hardcoded in software or firmware to gain an unauthorized interactive user session to an asset. Examples credentials that may be hardcoded in an asset include:
Senses
Sense 1
Adversaries may leverage credentials that are hardcoded in software or firmware to gain an unauthorized interactive user session to an asset. Examples credentials that may be hardcoded in an asset include:
- Username/Passwords
- Cryptographic keys/Certificates
- API tokens
Unlike Default Credentials, these credentials are built into the system in a way that they either cannot be changed by the asset owner, or may be infeasible to change because of the impact it would cause to the control system operation. These credentials may be reused across whole product lines or device models and are often not published or known to the owner and operators of the asset.
Adversaries may utilize these hardcoded credentials to move throughout the control system environment or provide reliable access for their tools to interact with industrial assets.
- MITRE ATT&CK (ICS, CTI STIX Data)Jan 06, 2026MITRE ATT&CK CTI (STIX bundle)https://raw.githubusercontent.com/mitre-attack/attack-stix-data/master/ics-attack/ics-attack.jsonSee repository LICENSE.txt for ATT&CK terms: non-exclusive royalty-free license; reproduce MITRE copyright + license in copies. Verify requirements before publishing quoted text.Source: MITRE ATT&CK (attack-stix-data).