10
CVE-2014-9198
- EPSS 0.82%
- Veröffentlicht 27.01.2015 19:59:10
- Zuletzt bearbeitet 05.09.2025 22:15:33
- Quelle ics-cert@hq.dhs.gov
- Teams Watchlist Login
- Unerledigt Login
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Etg3000 Factorycast Hmi Gateway Firmware Version <= 1.60.4
Schneider-electric ≫ Tsxetg3000 Version-
Schneider-electric ≫ Tsxetg3010 Version-
Schneider-electric ≫ Tsxetg3021 Version-
Schneider-electric ≫ Tsxetg3022 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.82% | 0.736 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| ics-cert@hq.dhs.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.