CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-9198

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.8%

CVSS Severity

CVSS v2 Score 10.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02
http://www.securityfocus.com/bid/72258
http://www.securityfocus.com/bid/77765
https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02

Products affected by CVE-2014-9198

Schneider-Electric » Tsxetg3000 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3000:-
Schneider-Electric » Tsxetg3010 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3010:-
Schneider-Electric » Tsxetg3021 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3021:-
Schneider-Electric » Tsxetg3022 » Version: N/A

cpe:2.3:h:schneider-electric:tsxetg3022:-
Schneider-Electric » Etg3000 Factorycast Hmi Gateway Firmware » Version: Any

cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9198

Products

Pricing

Contact Us