Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.
Credits
Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC
