Lucene search
HistoryJan 27, 2015 - 7:59 p.m.
CVE-2014-9198
cve-2014-9198
ftp server
schneider electric
etg3000 factorycast hmi gateway
hardcoded credentials
remote attackers
access
ftp session
firmware
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.7%
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
Affected configurations
Node
schneider-electricetg3000_factorycast_hmi_gateway_firmwareRange≤1.60.4
schneider-electrictsxetg3000Match-
ORschneider-electrictsxetg3010Match-
ORschneider-electrictsxetg3021Match-
ORschneider-electrictsxetg3022Match-
Related
prion
prion
Hardcoded credentials
2015-01-27 19:59:00
nvd
nvd
CVE-2014-9198
2015-01-27 19:59:10
cvelist
cvelist
CVE-2014-9198
2015-01-27 11:00:00
ics
ics
Schneider Electric ETG3000 FactoryCast HMI Gateway Vulnerabilities
2018-08-29 12:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.7%
Related for CVE-2014-9198