ID
VAR-E-201501-0004
CVE
| cve_id: | CVE-2014-9198 | Trust: 0.3 |
sources:
BID: 72258
TITLE
Schneider Electric ETG3000 FactoryCast HMI Gateway Authentication Bypass Vulnerability
Trust: 0.3
sources:
BID: 72258
DESCRIPTION
Schneider Electric ETG3000 FactoryCast HMI Gateway is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access to the affected device. This may aid in further attacks.
Trust: 0.3
sources:
BID: 72258
AFFECTED PRODUCTS
| vendor: | schneider electric | model: | tsxetg3022 | scope: | eq | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | tsxetg3021 | scope: | eq | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | tsxetg3010 | scope: | eq | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | tsxetg3000 | scope: | eq | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway | scope: | eq | version: | 1.60.4 | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway tsxetg3022 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway tsxetg3021 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway tsxetg3010 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway tsxetg3000 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | schneider electric | model: | etg3000 factorycast hmi gateway ir | scope: | eq | version: | 1.6004 | Trust: 0.3 |
sources:
BID: 72258
EXPLOIT
Attackers can exploit this issue using readily available utilities.
Trust: 0.3
sources:
BID: 72258
PRICE
Free
Trust: 0.3
sources:
BID: 72258
TYPE
Design Error
Trust: 0.3
sources:
BID: 72258
CREDITS
Narendra Shinde of Qualys Security
Trust: 0.3
sources:
BID: 72258
EXTERNAL IDS
| db: | ICS CERT | id: | ICSA-15-020-02 | Trust: 0.3 |
| db: | NVD | id: | CVE-2014-9198 | Trust: 0.3 |
| db: | BID | id: | 72258 | Trust: 0.3 |
sources:
BID: 72258
REFERENCES
| url: | http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true | Trust: 0.3 |
| url: | https://ics-cert.us-cert.gov/advisories/icsa-15-020-02 | Trust: 0.3 |
sources:
BID: 72258
SOURCES
| db: | BID | id: | 72258 |
LAST UPDATE DATE
2022-07-27T09:27:23.837000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 72258 | date: | 2019-04-12T19:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 72258 | date: | 2015-01-21T00:00:00 |