CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3974

EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls, SyxthSENSE, Transformative Wave Technologies, Tridium Asia Pacific, and Tridium Europe products, have a hardcoded password, which makes it easier for remote attackers to obtain access via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.7%

CVSS Severity

CVSS v2 Score 9.0

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-237-02
https://ics-cert.us-cert.gov/advisories/ICSA-15-237-02

Products affected by CVE-2015-3974

Easyio » Easyio-30p-Sf » Version: Any

cpe:2.3:h:easyio:easyio-30p-sf:*
Easyio » Easyio-30p-Sf Firmware » Version: Any

cpe:2.3:o:easyio:easyio-30p-sf_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3974

Products

Pricing

Contact Us