Lucene search
HistoryJan 27, 2015 - 7:59 p.m.
CVE-2014-9198
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.7%
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
Affected configurations
Node
schneider-electricetg3000_factorycast_hmi_gateway_firmwareRange≤1.60.4
schneider-electrictsxetg3000Match-
ORschneider-electrictsxetg3010Match-
ORschneider-electrictsxetg3021Match-
ORschneider-electrictsxetg3022Match-
Related
cve
cve
CVE-2014-9198
2015-01-27 19:59:10
prion
prion
Hardcoded credentials
2015-01-27 19:59:00
cvelist
cvelist
CVE-2014-9198
2015-01-27 11:00:00
ics
ics
Schneider Electric ETG3000 FactoryCast HMI Gateway Vulnerabilities
2018-08-29 12:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.7%
Related for NVD:CVE-2014-9198