Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9198

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-9198
Last Modified 28 Jan 2015 02:33:49
Published 27 Jan 2015 02:59:10
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9198

Summary

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

Vulnerable Systems

Operating System

  • Schneider-electric Etg3000 Factorycast Hmi Gateway Firmware 1.60.4


References

MISC - https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02


Last Updated: 27 May 2016 11:07:38