Vulnerability Description
Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intellicom | Netbiter Webscada Firmware | 3.11.0 |
| Intellicom | Netbiter Webscada Ws100 | All versions |
| Intellicom | Netbiter Webscada Ws200 | All versions |
References
- http://blog.48bits.com/?p=781
- http://reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1 (Exploit)
- http://support.intellicom.se/getfile.cfm?FID=151
- http://www.kb.cert.org/vuls/id/902793 (US Government Resource)
- http://www.osvdb.org/61506
- http://www.securityfocus.com/archive/1/508449/100/0/threaded
FAQ
What is CVE-2009-4463?
CVE-2009-4463 is a vulnerability with a CVSS score of 10.0 (HIGH). Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of servi...
How severe is CVE-2009-4463?
CVE-2009-4463 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2009-4463?
Check the references section above for vendor advisories and patch information. Affected products include: Intellicom Netbiter Webscada Firmware, Intellicom Netbiter Webscada Ws100, Intellicom Netbiter Webscada Ws200.