Researchers say they have found what is essentially a skeleton key for an ID and access control system. The company that sells the system, PDC IDenticard of Manheim, Pennsylvania, allegedly didn’t respond and has not issued patches. PDC says it missed Tenable’s communications but that it does plan to fix the problems. The skeleton key is a hard-coded credential – a security disaster – within the software, which is used for creating ID cards, remotely managing physical access, viewing access log records.”]
Source: https://www.cuinfosecurity.com/hard-coded-credentials-found-in-id-access-control-software-a-11937