Description
A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/
Scores
CVSS v3
8.7
EPSS
0.0006
EPSS Percentile
18.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Details
Status
published
Products (4)
schneider-electric/foxboro_dcs
< ccs_9.4
schneider-electric/foxboro_evo
< ccs_9.4
schneider-electric/foxview
10.5
schneider-electric/ia_series
< ccs_9.4
Published
Dec 24, 2018
Tracked Since
Feb 18, 2026