CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-9198

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0800%
EPSS Percentile43.12th
Published2015年1月27日
Last Modified2026年5月6日

Vulnerability Description

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

Affected Platforms (CPE)

💻
Schneider Electric

Etg3000 Factorycast Hmi Gateway Firmware

<= 1.60.4
🔌
Schneider Electric

Tsxetg3000

All versions
🔌
Schneider Electric

Tsxetg3010

All versions
🔌
Schneider Electric

Tsxetg3021

All versions
🔌
Schneider Electric

Tsxetg3022

All versions

References & Advisories

🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02
🔗 http://www.securityfocus.com/bid/72258
🔗 http://www.securityfocus.com/bid/77765
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02

相關漏洞威脅

CVE-2014-919710.0

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insu...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-844710.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-198210.0

The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, ...