CVE-2016-4520
CRITICALSchneider Electric Pelco Digital Sentry <7.14 - RCE
Title source: llmDescription
Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91783
Patch, Vendor Advisory x_refsource_confirm
http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-153-01
Scores
CVSS v3
9.8
EPSS
0.0271
EPSS Percentile
86.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
schneider-electric/pelco_digital_sentry_video_management_system_firmware
< 7.6.32.9203
Published
Jul 15, 2016
Tracked Since
Feb 18, 2026