CVE-2019-10950
CRITICALFujifilm CR-IR 357 FCR Carbon X/FCR XC-2/FCR Capsula X - Unauthenticated OS Access via Insecure Telnet Service
Title source: llmDescription
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108052
Scores
CVSS v3
9.8
EPSS
0.0363
EPSS Percentile
88.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
CWE-306
Status
published
Products (3)
fujifilm/cr-ir_357_fcr_capsula_x_firmware
fujifilm/cr-ir_357_fcr_carbon_x_firmware
fujifilm/cr-ir_357_fcr_xc-2_firmware
Published
Apr 30, 2019
Tracked Since
Feb 18, 2026