VDB
CVE-2011-4859
CVE-2011-4859
PUBLISHED
CVSS 10 CRITICAL
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.
EPSS 7.00% · 91.6th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
7.00%
91.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| schneider-electric | premium_ethernet_module_tsxety4103 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp573634m | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp576634m | 0, 0, 0 |
| schneider-electric | stb_dio_ethernet_module_stbnip2212 | 0, 0, 0 |
| schneider-electric | m340_ethernet_module_bmxnoe0100 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp572634m | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140cpu65150 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp57163m | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140noe77100 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxety5103 | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140cpu65260 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp575634m | 0, 0, 0 |
| schneider-electric | m340_ethernet_module_bmxp342020 | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140cpu65160 | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140noe77111 | 0, 0, 0 |
| schneider-electric | premium_ethernet_module_tsxp574634m | 0, 0, 0 |
| schneider-electric | quantum_ethernet_module_140noe77101 | 0, 0, 0 |
| schneider-electric | stb_dio_ethernet_module_stbnip2311 | 0, 0, 0 |
| schneider-electric | m340_ethernet_module_bmxp342030 | 0, 0, 0 |
| schneider-electric | m340_ethernet_module_bmxnoe0110 | 0, 0, 0 |
…and 2 more
Exploit Intelligence
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf (circl)
- http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1 (circl)
- 51605 (circl)
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf (circl)
- 47723 (circl)
- schneider-modicon-backdoor(72587) (circl)
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf (circl)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
…and 142 more exploits
Timeline
- Dec 17, 2011 CVE Published
- Jun 28, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Dec 18, 2021 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Sep 4, 2022 EPSS Score
- Sep 16, 2022 PoC Published
- Oct 26, 2022 EPSS Score
References
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf url
- http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1 url
- 51605 vdb
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf url
- 47723 third-party-advisory
- schneider-modicon-backdoor(72587) vdb
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf url
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-256-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-256-01-EcoStruxure_Machine_SCADA_ExpertPro-face_BLUE_Open_Studio_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SESB-2021-347-01_Apache_Log4j_Log4Shell_Vulnerabilities_Security_Notification_V14.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-281-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2019-281-02_Modicon_Controllers_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-01_EcoStruxure_Control_Expert_Modicon580_Security_Notification_V1.1.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V10.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-03_EcoStruxure_Control_Expert_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-02_Modicon_Controllers_Security_Notification_V1.1.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2018-081-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2018-081-01_Embedded_FTP_Servers_for_Modicon_PAC_Controllers_Security_Notification_V3.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-222-04_Modicon_PAC_Controllers_PLC_Simulator_Control_Expert_Process_Expert_Security_Notification_V2.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_Security_Notifcation_V4.0.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification_V1.1.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2011-4859 advisory