PatchSiren cyber security CVE debrief
CVE-2026-42929 Danelec CVE debrief
CVE-2026-42929 documents hard-coded credentials in default accounts within the Danelec MacGregor Voyage Data Recorder (VDR), a maritime safety system used to record ship operational data. The vulnerability carries a CVSS 4.0 score of 8.7 (HIGH severity), with an attack vector of Adjacent (AV:A), requiring no privileges (PR:N) and no user interaction (UI:N), enabling complete confidentiality compromise (VC:H) and integrity compromise (VI:H) with limited availability impact (VA:L). The weakness is classified as CWE-798: Use of Hard-coded Credentials. CISA published advisory ICSA-26-148-01 on 2026-05-29, the same date as CVE publication. No known exploitation in ransomware campaigns has been reported, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. The affected vendor is Danelec Marine, with product contact available through their official channels.
- Vendor: Danelec
- Product: MacGregor Voyage Data Recorder (VDR) G4e
- CVSS: HIGH 8.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-29
- Original CVE updated: 2026-05-29
- Advisory published: 2026-05-29
- Advisory updated: 2026-05-29
Who should care
Maritime operators, vessel IT/security teams, port facility security officers, classification societies conducting cybersecurity audits, and maritime regulatory compliance personnel responsible for SOLAS VDR requirements should prioritize assessment of this vulnerability due to its potential to compromise voyage data integrity and vessel safety system security.
Technical summary
The Danelec MacGregor Voyage Data Recorder contains default accounts with hard-coded credentials that cannot be changed by end users. An attacker with adjacent network access can authenticate to these accounts without prior privileges or user interaction, gaining high-level access to confidential voyage data and system integrity controls. The CVSS 4.0 score of 8.7 reflects significant confidentiality and integrity impact with limited availability disruption. This vulnerability affects maritime operational technology environments where VDR systems are deployed for regulatory compliance and incident investigation purposes.
Defensive priority
HIGH
Recommended defensive actions
- Identify all Danelec MacGregor VDR systems within maritime operational technology environments and verify firmware versions against CISA advisory ICSA-26-148-01 guidance
- Change default credentials on all identified VDR systems immediately; if password changes are not supported by the vendor, implement network segmentation to restrict adjacent network access to VDR management interfaces
- Contact Danelec Marine technical support to obtain patched firmware or remediation guidance specific to your VDR model and deployment configuration
- Monitor network traffic to VDR systems for unauthorized access attempts, particularly from adjacent network segments where the attack vector originates
- Review and update maritime cybersecurity procedures to include hard-coded credential checks during vessel security assessments and pre-departure verification protocols
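As an added example (not taken from the advisory or from Danelec), one way to act on the monitoring and segmentation items above is to audit flow records for connections that reach a VDR from hosts outside an approved list. The addresses, ports, allow-list and CSV log layout below are constructed assumptions; substitute your own inventory and flow export.

```python
import csv
import io
import ipaddress

# Assumptions (constructed, not from the advisory): site inventory and allow-list.
VDR_HOSTS = {ipaddress.ip_address("10.20.30.5")}
VDR_SUBNET = ipaddress.ip_network("10.20.30.0/24")       # segment the VDR sits on
ALLOWED_SOURCES = {ipaddress.ip_address("10.20.30.10")}  # approved service host

# Constructed sample flow log: time,src,dst,dport,action (ports are arbitrary).
SAMPLE_FLOWS = """\
2026-06-01T08:00:01Z,10.20.30.10,10.20.30.5,443,ALLOW
2026-06-01T08:02:17Z,10.20.30.77,10.20.30.5,22,ALLOW
2026-06-01T08:02:19Z,10.20.30.77,10.20.30.5,22,ALLOW
2026-06-01T08:05:40Z,10.20.40.12,10.20.30.5,443,DENY
2026-06-01T08:06:00Z,10.20.30.77,10.20.30.9,443,ALLOW
not,a,valid,flow,line
"""

def audit_flows(text):
    """Return findings for flows to a VDR from sources not on the allow-list."""
    findings = {}
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 5:
            continue
        ts, src, dst, dport, action = row
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue  # skip malformed records instead of aborting the audit
        if dst_ip not in VDR_HOSTS or src_ip in ALLOWED_SOURCES:
            continue
        f = findings.setdefault((src, dst, port), {
            "src": src, "dst": dst, "dport": port, "first_seen": ts, "count": 0,
            "adjacent": src_ip in VDR_SUBNET,  # same segment as the VDR (AV:A)
            "reached": False,                  # True if any flow was not blocked
        })
        f["count"] += 1
        f["reached"] |= (action == "ALLOW")
    # Flows that reached the VDR come first, then adjacent-segment sources.
    return sorted(findings.values(),
                  key=lambda f: (not f["reached"], not f["adjacent"], f["src"]))

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```

A finding with `reached` set means segmentation did not stop the connection; a `DENY`-only finding shows the control working but still identifies a host worth investigating.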
Evidence notes
CISA ICS-CERT advisory ICSA-26-148-01 provides authoritative technical details. CVSS 4.0 vector confirms adjacent network attack surface with high impact on confidentiality and integrity. CWE-798 classification from primary source. No KEV listing or ransomware use documented. Vendor identification derived from reference domain evidence with low confidence flag for review.
Official resources
2026-05-29