CVE-2015-7911

Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01 Patch Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxv_vga_mb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxv_vga_mb:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxd:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd3.mxxx0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd3.mxxx0:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxd_svga_mb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxd_svga_mb:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd3.t666_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd3.t666:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd1.m2xx0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd1.m2xx0:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd3.mxx60_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd3.mxx60:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd3.t665_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd3.t665:*:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd2.m5xx0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd2.m5xx0:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxwtpf_wvga_mb:-:*:*:*:*:*:*:*
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxwtpf_wvga_mb_firmware:1.24.41:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxwtpf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxwtpf:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd1.m0xx0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd1.m0xx0:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxxt5f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxxt5f:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:saia_burgess_controls:pcd7.d4xxv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:saia_burgess_controls:pcd7.d4xxv:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-12-23 03:59

Updated : 2023-12-10 11:46


NVD link : CVE-2015-7911

Mitre link : CVE-2015-7911

CVE.ORG link : CVE-2015-7911


JSON object : View

Products Affected

saia_burgess_controls

  • pcd7.d4xxxt5f
  • pcd7.d4xxxt5f_firmware
  • pcd7.d4xxv_vga_mb
  • pcd1.m2xx0_firmware
  • pcd1.m0xx0_firmware
  • pcd3.t666
  • pcd2.m5xx0_firmware
  • pcd3.t665
  • pcd7.d4xxv
  • pcd3.mxx60_firmware
  • pcd3.mxxx0
  • pcd7.d4xxwtpf_wvga_mb
  • pcd7.d4xxwtpf_wvga_mb_firmware
  • pcd7.d4xxv_firmware
  • pcd7.d4xxwtpf
  • pcd2.m5xx0
  • pcd7.d4xxd_firmware
  • pcd3.mxxx0_firmware
  • pcd3.mxx60
  • pcd7.d4xxwtpf_firmware
  • pcd3.t666_firmware
  • pcd7.d4xxd_svga_mb_firmware
  • pcd1.m2xx0
  • pcd7.d4xxv_vga_mb_firmware
  • pcd3.t665_firmware
  • pcd1.m0xx0
  • pcd7.d4xxd
  • pcd7.d4xxd_svga_mb
CWE
CWE-255

Credentials Management Errors