CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-9197

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile43.10th
Published2015年1月27日
Last Modified2026年5月6日

Vulnerability Description

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

Affected Platforms (CPE)

💻
Schneider Electric

Etg3000 Factorycast Hmi Gateway Firmware

= 1.60.2
🔌
Schneider Electric

Tsxetg3000

All versions
🔌
Schneider Electric

Tsxetg3010

All versions
🔌
Schneider Electric

Tsxetg3021

All versions
🔌
Schneider Electric

Tsxetg3022

All versions

References & Advisories

🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02

相关漏洞威胁

CVE-2014-919810.0

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credential...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052710.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows at...