Vulnerability Description
Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Saia Burgess Controls | Pcd7.D4Xxv Vga Mb Firmware | <= 1.24.41 |
| Saia Burgess Controls | Pcd7.D4Xxv Vga Mb | - |
| Saia Burgess Controls | Pcd7.D4Xxd Firmware | <= 1.24.41 |
| Saia Burgess Controls | Pcd7.D4Xxd | - |
| Saia Burgess Controls | Pcd3.Mxxx0 Firmware | <= 1.24.25 |
| Saia Burgess Controls | Pcd3.Mxxx0 | - |
| Saia Burgess Controls | Pcd7.D4Xxd Svga Mb Firmware | <= 1.24.41 |
| Saia Burgess Controls | Pcd7.D4Xxd Svga Mb | - |
| Saia Burgess Controls | Pcd3.T666 Firmware | <= 1.24.30 |
| Saia Burgess Controls | Pcd3.T666 | - |
| Saia Burgess Controls | Pcd1.M2Xx0 Firmware | <= 1.24.25 |
| Saia Burgess Controls | Pcd1.M2Xx0 | - |
| Saia Burgess Controls | Pcd3.Mxx60 Firmware | <= 1.24.25 |
| Saia Burgess Controls | Pcd3.Mxx60 | - |
| Saia Burgess Controls | Pcd3.T665 Firmware | <= 1.24.30 |
| Saia Burgess Controls | Pcd3.T665 | <= - |
| Saia Burgess Controls | Pcd2.M5Xx0 Firmware | <= 1.24.25 |
| Saia Burgess Controls | Pcd2.M5Xx0 | - |
| Saia Burgess Controls | Pcd7.D4Xxwtpf Wvga Mb | - |
| Saia Burgess Controls | Pcd7.D4Xxwtpf Wvga Mb Firmware | 1.24.41 |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01PatchThird Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01PatchThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2015-7911?
CVE-2015-7911 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24...
How severe is CVE-2015-7911?
CVE-2015-7911 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-7911?
Check the references section above for vendor advisories and patch information. Affected products include: Saia Burgess Controls Pcd7.D4Xxv Vga Mb Firmware, Saia Burgess Controls Pcd7.D4Xxv Vga Mb, Saia Burgess Controls Pcd7.D4Xxd Firmware, Saia Burgess Controls Pcd7.D4Xxd, Saia Burgess Controls Pcd3.Mxxx0 Firmware.