The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.CreditsMichael Heinzl reported these vulnerabilities to CISA.Referenceshttps://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07