Detections
Analytics
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)
critical Tenable OT Security Plugin ID 500250
Synopsis
The remote OT asset is affected by a vulnerability.Description
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf
http://www.nessus.org/u?77214159
http://www.securityfocus.com/bid/51605
http://secunia.com/advisories/47723
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf
http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf
Plugin Details
Severity: Critical
ID: 500250
Version: 1.7
Type: remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2011-4859
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:schneider-electric:premium_ethernet_module_tsxp57163m, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65160, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65150, cpe:/a:schneider-electric:premium_ethernet_module_tsxp574634m, cpe:/a:schneider-electric:premium_ethernet_module_tsxety4103, cpe:/a:schneider-electric:premium_ethernet_module_tsxety5103, cpe:/a:schneider-electric:m340_ethernet_module_bmxp342030, cpe:/a:schneider-electric:quantum_ethernet_module_140cpu65260, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77111, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77100, cpe:/a:schneider-electric:premium_ethernet_module_tsxp575634m, cpe:/a:schneider-electric:premium_ethernet_module_tsxp572634m, cpe:/a:schneider-electric:m340_ethernet_module_bmxnoe0110, cpe:/a:schneider-electric:m340_ethernet_module_bmxp342020, cpe:/a:schneider-electric:m340_ethernet_module_bmxnoe0100, cpe:/a:schneider-electric:premium_ethernet_module_tsxp573634m, cpe:/a:schneider-electric:quantum_ethernet_module_140noe77101, cpe:/a:schneider-electric:premium_ethernet_module_tsxp576634m
Required KB Items: Tenable.ot/Schneider
Exploit Ease: No known exploits are available
Patch Publication Date: 12/17/2011
Vulnerability Publication Date: 12/17/2011
Reference Information
CVE: CVE-2011-4859
ICSA: 12-018-01
Secunia: 47723