{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ETG3000 FactoryCast HMI Gateway", "vendor": "Schneider Electric", "versions": [ { "status": "affected", "version": "TSXETG3000" }, { "status": "affected", "version": "TSXETG3010" }, { "status": "affected", "version": "TSXETG3021" }, { "status": "affected", "version": "TSXETG3022" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Narendra Shinde of Qualys Security" } ], "datePublic": "2015-01-20T07:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "
\nThe FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.\n\n
" } ], "value": "The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session." } ], "metrics": [ { "cvssV2_0": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-09-05T21:18:01.615Z" }, "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-020-02" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Schneider Electric has produced an updated firmware, labelled V1.60 \nIR 04. This firmware release moves the jar files directory in a secure \narea. The new firmware also includes the ability to disable the FTP \nserver. This updated firmware can be downloaded at:
\n\n\nSchneider Electric recommends the FTP server be deactivated when not \nneeded. The firmware update does not remove the hard-coded credentials.
\nNarendra Shinde also found that configuration files were accessible \nusing default credentials. Schneider Electric recommends users change \nthe default login credentials. This will protect configuration files \nfrom unauthorized access.
\n\n