22 matches found
EUVD-2011-4776
Malware in sbrugna...
EUVD-2011-4777
Malware in sbrugna...
CVE-2011-4860
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
CVE-2011-4861
The modbus125handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502...
Schneider Electric Quantum Ethernet Module Permissions, Privileges, and Access Controls (CVE-2011-4861)
The modbus125handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. This plugin only works with Tenable.ot. Please visit...
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...
Schneider Electric Quantum Ethernet Module Improper Authentication (CVE-2011-4860)
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
CVE-2020-7477
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 Versions 7.0 and prior, Quantum processors with integrated Ethernet – 140CPU65xxxxx all Versions, and Premium processors with integrated Ethernet all Versions, which...
PT-2020-19604
Name of the Vulnerable Software and Affected Versions Quantum Ethernet Network module 140NOE771x1 versions 7.0 and prior Quantum processors with integrated Ethernet – 140CPU65xxxxx all versions Premium processors with integrated Ethernet all versions Description A vulnerability exists due to...
Schneider-electric Quantum Unspecified Vulnerability
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...
Schneider Electric Quantum 140 NOE771x1 Code Issue Vulnerability
The Schneider Electric Quantum 140 NOE771x1 is an Ethernet module from Schneider Electric France. A code issue vulnerability exists in Schneider Electric Quantum 140 NOE771x1 version 6.9 and prior. The vulnerability stems from an improperly designed or implemented code development process for a...
The vulnerability of Schneider Electric’s Quantum Ethernet Module allows a remote intruder to gain privileged access to the system.
The vulnerability of Schneider Electric’s Quantum Ethernet Module is related to the presence of rigidly encrypted data for default authentication through ports such as TELNET, FTP, or Windriver Debug for accounts like AUTCSE, AUTCSE, fdrusers, ftpuser, loader, nic2212, nimrohs2212, nip2212,...
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials
OVERVIEW --------- Begin Update B Part 1 of 3 -------- This updated advisory is a follow-up to the updated advisory titled ICSA-12-018-01A Schneider Electric Quantum Ethernet Module Hard-Coded Credentials that was published on June 04, 2013, on the ICS-CERT Web site. It is also a follow-up to the...
CVE-2011-4860
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
Design/Logic Flaw
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
CVE-2011-4860
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
CVE-2011-4860
The vulnerability CVE-2011-4860 affects the Schneider Electric Quantum Ethernet Module NOE 771 (aka Quantum 140NOE771*) where the ComputePassword function derives the fwupgrade password from the MAC address. This allows remote attackers to gain access via (1) ARP requests or (2) Neighbor Solicita...
CVE-2011-4859
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the 1 AUTCSE, 2 AUTCSE, 3 fdrusers, 4...
CVE-2011-4861
The CVE-2011-4861 entry concerns Schneider Electric Quantum Ethernet Module (NOE 771 / Quantum 140NOE771*) that allows remote firmware updates via the MODBUS 125 function code sent to TCP port 502 through the modbus_125_handler. This is a software/firmware update mechanism vulnerability in the de...
CVE-2011-4861
The modbus125handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502...