CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
57.3%
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and
prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet
available for device management. Any sensitive information communicated
through these protocols, such as credentials, is sent in cleartext. An
attacker could obtain sensitive information such as user credentials to
gain access to the system.
Vendor | Product | Version | CPE |
---|---|---|---|
sauter-controls | nova_220_eyk220f001 | - | cpe:2.3:h:sauter-controls:nova_220_eyk220f001:-:*:*:*:*:*:*:* |
sauter-controls | nova_220_eyk220f001_firmware | * | cpe:2.3:o:sauter-controls:nova_220_eyk220f001_firmware:*:*:*:*:*:*:*:* |
sauter-controls | nova_230_eyk230f001 | - | cpe:2.3:h:sauter-controls:nova_230_eyk230f001:-:*:*:*:*:*:*:* |
sauter-controls | nova_230_eyk230f001_firmware | * | cpe:2.3:o:sauter-controls:nova_230_eyk230f001_firmware:*:*:*:*:*:*:*:* |
sauter-controls | nova_106_eyk300f001_firmware | * | cpe:2.3:o:sauter-controls:nova_106_eyk300f001_firmware:*:*:*:*:*:*:*:* |
sauter-controls | nova_106_eyk300f001 | - | cpe:2.3:h:sauter-controls:nova_106_eyk300f001:-:*:*:*:*:*:*:* |
sauter-controls | modunet300_ey-am300f001_firmware | * | cpe:2.3:o:sauter-controls:modunet300_ey-am300f001_firmware:*:*:*:*:*:*:*:* |
sauter-controls | modunet300_ey-am300f001 | - | cpe:2.3:h:sauter-controls:modunet300_ey-am300f001:-:*:*:*:*:*:*:* |
sauter-controls | modunet300_ey-am300f002_firmware | * | cpe:2.3:o:sauter-controls:modunet300_ey-am300f002_firmware:*:*:*:*:*:*:*:* |
sauter-controls | modunet300_ey-am300f002 | - | cpe:2.3:h:sauter-controls:modunet300_ey-am300f002:-:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
57.3%