CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-9198

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0800%
EPSS Percentile43.12th
Published2015年1月27日
Last Modified2026年5月6日

Vulnerability Description

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

Affected Platforms (CPE)

💻
Schneider Electric

Etg3000 Factorycast Hmi Gateway Firmware

<= 1.60.4
🔌
Schneider Electric

Tsxetg3000

All versions
🔌
Schneider Electric

Tsxetg3010

All versions
🔌
Schneider Electric

Tsxetg3021

All versions
🔌
Schneider Electric

Tsxetg3022

All versions

References & Advisories

🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02
🔗 http://www.securityfocus.com/bid/72258
🔗 http://www.securityfocus.com/bid/77765
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02

関連する脆弱性情報

CVE-2014-919710.0

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insu...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052710.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows at...