Vulnerability Description
TCPUploader module listens on Port 10651/TCP for incoming connections. Exploitation of this vulnerability could allow a remote unauthenticated user access to release OS version information. While this is a minor vulnerability, it represents a method for further network reconnaissance.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Progea | Movicon | 11.4 |
Related Weaknesses (CWE)
References
- http://www.progea.com/it-it/downloads/software.aspx
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-105-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01US Government Resource
FAQ
What is CVE-2014-0778?
CVE-2014-0778 is a vulnerability with a CVSS score of 4.3 (MEDIUM). TCPUploader module listens on Port 10651/TCP for incoming connections. Exploitation of this vulnerability could allow a remote unauthenticated user access to release OS version information. While th...
How severe is CVE-2014-0778?
CVE-2014-0778 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0778?
Check the references section above for vendor advisories and patch information. Affected products include: Progea Movicon.