Saia Burgess Controls PCD Controllers Hard-Coded FTP Credentials Vulnerability

high Nessus Network Monitor Plugin ID 7183

Synopsis

A Saia Burgess Controls device is running a firmware version vulnerable to hard-coded FTP credentials vulnerability.

Description

A Saia Burgess Controls (SBC) PLC device has been detected which is running a version of firmware that is installed with hard-coded FTP credentials.

Solution

Upgrade the device firmware to version 1.24.41 or 1.24.50 (depending on model number) or later.

See Also

https://www.sbc-support.com/en/product-category/communication-protocols/pcd-on-internet/upgrade-it-security

https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01

Plugin Details

Severity: High

ID: 7183

Version: 1.3

Family: SCADA

Published: 12/18/2015

Updated: 8/16/2018

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

Vulnerability Information

Patch Publication Date: 12/1/2015

Vulnerability Publication Date: 12/1/2015

Reference Information

CVE: CVE-2015-7911