Description
The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data.
References (1)
Core 1
Core References
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf
Scores
EPSS
0.0008
EPSS Percentile
24.2%
Details
CWE
CWE-255
CWE-352
Status
published
Products (1)
schneider-electric/magelis_xbt_hmi
Published
Apr 04, 2013
Tracked Since
Feb 18, 2026