Details of VAR-201501-0402

ID

VAR-201501-0402

CVE

CVE-2014-9197

TITLE

Schneider Electric ETG3000 FactoryCast HMI Gateway Unauthorized Access Vulnerability

Trust: 0.8

sources: IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-00648

DESCRIPTION

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. Schneider Electric ETG3000 FactoryCast HMI Gateway is a web-based SCADA system. The vulnerability is caused by the program not enforcing adequate access controls when storing the rde.jar file in the web root directory

Trust: 2.7

sources: NVD: CVE-2014-9197 // JVNDB: JVNDB-2014-007803 // CNVD: CNVD-2015-00648 // BID: 72254 // IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-77142

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-00648

AFFECTED PRODUCTS

vendor:	schneider electric	model:	etg3000 factorycast hmi gateway	scope:	eq	version:	1.60.2	Trust: 1.6
vendor:	schneider electric	model:	tsxetg3022	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxetg3021	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxetg3000	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxetg3010	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	etg3000 factorycast hmi gateway	scope:	lt	version:	1.60 ir 04	Trust: 0.8
vendor:	schneider electric	model:	tsxetg3000	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	tsxetg3010	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	tsxetg3021	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	tsxetg3022	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric etg3000 factorycast hmi gateway	scope:	-	version:	-	Trust: 0.6
vendor:	schneider electric	model:	etg3000 factorycast hmi gateway tsxetg3022	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	etg3000 factorycast hmi gateway tsxetg3021	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	etg3000 factorycast hmi gateway tsxetg3010	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	etg3000 factorycast hmi gateway tsxetg3000	scope:	-	version:	-	Trust: 0.3
vendor:	etg3000 factorycast hmi gateway	model:	-	scope:	eq	version:	1.60.2	Trust: 0.2
vendor:	tsxetg3000	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxetg3010	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxetg3021	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxetg3022	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-00648 // BID: 72254 // CNNVD: CNNVD-201501-616 // JVNDB: JVNDB-2014-007803 // NVD: CVE-2014-9197

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov:	CVE-2014-9197
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2014-9197
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-9197
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-00648
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201501-616
value:	HIGH
Trust: 0.6
IVD:	a627b6e2-2351-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-77142
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-9197
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ics-cert@hq.dhs.gov:	CVE-2014-9197
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2015-00648
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	a627b6e2-2351-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-77142
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-00648 // VULHUB: VHN-77142 // CNNVD: CNNVD-201501-616 // JVNDB: JVNDB-2014-007803 // NVD: CVE-2014-9197 // NVD: CVE-2014-9197

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.1
problemtype:	CWE-306	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-77142 // JVNDB: JVNDB-2014-007803 // NVD: CVE-2014-9197

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201501-616

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201501-616

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-007803

PATCH

title:	TSX ETG 30xx V1.60 IR04	url:	http://www.schneider-electric.com/download/WW/EN/details/681790255-TSXETG30xx-V160-IR4/?showAsIframe=true&reference=ETG30xxV160-IR04	Trust: 0.8
title:	Schneider Electric ETG3000 FactoryCast HMI Gateway Unauthorized Access Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/54277	Trust: 0.6
title:	ETG30xx_V1.60.4_UpgradeFw	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53568	Trust: 0.6

sources: CNVD: CNVD-2015-00648 // CNNVD: CNNVD-201501-616 // JVNDB: JVNDB-2014-007803

EXTERNAL IDS

db:	NVD	id:	CVE-2014-9197	Trust: 3.6
db:	ICS CERT	id:	ICSA-15-020-02	Trust: 2.8
db:	BID	id:	72254	Trust: 1.6
db:	CNNVD	id:	CNNVD-201501-616	Trust: 0.9
db:	CNVD	id:	CNVD-2015-00648	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-007803	Trust: 0.8
db:	IVD	id:	A627B6E2-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-77142	Trust: 0.1

sources: IVD: a627b6e2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-00648 // VULHUB: VHN-77142 // BID: 72254 // CNNVD: CNNVD-201501-616 // JVNDB: JVNDB-2014-007803 // NVD: CVE-2014-9197

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-15-020-02	Trust: 2.8
url:	http://www.securityfocus.com/bid/72254	Trust: 1.2
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9197	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9197	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2015-00648 // VULHUB: VHN-77142 // BID: 72254 // CNNVD: CNNVD-201501-616 // JVNDB: JVNDB-2014-007803 // NVD: CVE-2014-9197

CREDITS

Narendra Shinde of Qualys Security

Trust: 0.9

sources: BID: 72254 // CNNVD: CNNVD-201501-616

SOURCES

db:	IVD	id:	a627b6e2-2351-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2015-00648
db:	VULHUB	id:	VHN-77142
db:	BID	id:	72254
db:	CNNVD	id:	CNNVD-201501-616
db:	JVNDB	id:	JVNDB-2014-007803
db:	NVD	id:	CVE-2014-9197

LAST UPDATE DATE

2025-09-07T23:19:23.671000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-00648	date:	2015-01-27T00:00:00
db:	VULHUB	id:	VHN-77142	date:	2015-01-28T00:00:00
db:	BID	id:	72254	date:	2015-01-20T00:00:00
db:	CNNVD	id:	CNNVD-201501-616	date:	2015-01-28T00:00:00
db:	JVNDB	id:	JVNDB-2014-007803	date:	2015-01-29T00:00:00
db:	NVD	id:	CVE-2014-9197	date:	2025-09-05T22:15:33.210

SOURCES RELEASE DATE

db:	IVD	id:	a627b6e2-2351-11e6-abef-000c29c66e3d	date:	2015-01-27T00:00:00
db:	CNVD	id:	CNVD-2015-00648	date:	2015-01-27T00:00:00
db:	VULHUB	id:	VHN-77142	date:	2015-01-27T00:00:00
db:	BID	id:	72254	date:	2015-01-20T00:00:00
db:	CNNVD	id:	CNNVD-201501-616	date:	2015-01-26T00:00:00
db:	JVNDB	id:	JVNDB-2014-007803	date:	2015-01-29T00:00:00
db:	NVD	id:	CVE-2014-9197	date:	2015-01-27T19:59:00.040