{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6889?format=json","vulnerability_id":"VCID-sz31-pb9u-73eh","summary":"Tesla/SolarCity's ConnectPort X2e firmware stored cleartext credentials for the local user `python` in compiled Python (\"PYC\") files. This password could be used by a malicious user to establish an SSH connection to a X2e device as this user.","aliases":[{"alias":"CVE-2020-9306"},{"alias":" FEYE-2020-0019"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9306","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44876","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9306"},{"reference_url":"https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-one.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-one.html"},{"reference_url":"https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-two.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-two.html"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sz31-pb9u-73eh"}