CVE-2014-9198 — HIGH (10.0)

Q: How severe is CVE-2014-9198?

CVE-2014-9198 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-9198?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Etg3000 Factorycast Hmi Gateway Firmware, Schneider-Electric Tsxetg3000, Schneider-Electric Tsxetg3010, Schneider-Electric Tsxetg3021, Schneider-Electric Tsxetg3022.

Vulnerability Description

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Schneider-Electric	Etg3000 Factorycast Hmi Gateway Firmware	<= 1.60.4
Schneider-Electric	Tsxetg3000	-
Schneider-Electric	Tsxetg3010	-
Schneider-Electric	Tsxetg3021	-
Schneider-Electric	Tsxetg3022	-

Related Weaknesses (CWE)

CWE-255 CWE-798

References

FAQ

What is CVE-2014-9198?

CVE-2014-9198 is a vulnerability with a CVSS score of 10.0 (HIGH). The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an ...

How severe is CVE-2014-9198?

CVE-2014-9198 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-9198?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Etg3000 Factorycast Hmi Gateway Firmware, Schneider-Electric Tsxetg3000, Schneider-Electric Tsxetg3010, Schneider-Electric Tsxetg3021, Schneider-Electric Tsxetg3022.