Description
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
References (4)
Core 4
Core References
Patch, US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/72258
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/77765
Scores
EPSS
0.0082
EPSS Percentile
74.6%
Details
CWE
CWE-255
CWE-798
Status
published
Products (9)
Schneider Electric/ETG3000 FactoryCast HMI Gateway
TSXETG3000
Schneider Electric/ETG3000 FactoryCast HMI Gateway
TSXETG3010
Schneider Electric/ETG3000 FactoryCast HMI Gateway
TSXETG3021
Schneider Electric/ETG3000 FactoryCast HMI Gateway
TSXETG3022
schneider-electric/etg3000_factorycast_hmi_gateway_firmware
< 1.60.4
schneider-electric/tsxetg3000
schneider-electric/tsxetg3010
schneider-electric/tsxetg3021
schneider-electric/tsxetg3022
Published
Jan 27, 2015
Tracked Since
Feb 18, 2026