Schneider Electric FTP Server Default Credentials

critical Nessus Plugin ID 23821

Synopsis

The remote FTP server has one or more accounts with default / backdoor credentials.

Description

The remote FTP server has an account with a known username / password combination, which is hardcoded into the device's firmware and difficult to change or remove. An attacker may be able to use this to gain privileged authenticated access to the system, which could allow for other attacks against the affected device.

Solution

Block access to the vulnerable device ports.

Plugin Details

Severity: Critical

ID: 23821

File Name: scada_modicon_default_ftp.nbin

Version: 1.92

Type: remote

Family: SCADA

Published: 12/11/2006

Updated: 5/20/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Privileged authenticated access

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 51605

ICS-ALERT: 12-020-01, 12-020-03, 15-224-02