Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)

critical Tenable OT Security Plugin ID 500250

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf

http://www.nessus.org/u?77214159

http://www.securityfocus.com/bid/51605

http://secunia.com/advisories/47723

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf

http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf

https://exchange.xforce.ibmcloud.com/vulnerabilities/72587

Plugin Details

Severity: Critical

ID: 500250

Version: 1.7

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2011-4859

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:schneider-electric:premium_ethernet_module_tsxp57163m, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65160, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65150, cpe:/a:schneider-electric:premium_ethernet_module_tsxp574634m, cpe:/a:schneider-electric:premium_ethernet_module_tsxety4103, cpe:/a:schneider-electric:premium_ethernet_module_tsxety5103, cpe:/a:schneider-electric:m340_ethernet_module_bmxp342030, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65260, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77111, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77100, cpe:/a:schneider-electric:premium_ethernet_module_tsxp575634m, cpe:/a:schneider-electric:premium_ethernet_module_tsxp572634m, cpe:/a:schneider-electric:m340_ethernet_module_bmxnoe0110, cpe:/a:schneider-electric:m340_ethernet_module_bmxp342020, cpe:/a:schneider-electric:m340_ethernet_module_bmxnoe0100, cpe:/a:schneider-electric:premium_ethernet_module_tsxp573634m, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77101, cpe:/a:schneider-electric:premium_ethernet_module_tsxp576634m

Required KB Items: Tenable.ot/Schneider

Exploit Ease: No known exploits are available

Patch Publication Date: 12/17/2011

Vulnerability Publication Date: 12/17/2011

Reference Information

CVE: CVE-2011-4859

ICSA: 12-018-01

Secunia: 47723