CVE-2011-4860

Name of the Vulnerable Software and Affected Versions Schneider Electric Quantum Ethernet Module on the NOE 771 device (affected versions not specified)

Description The issue concerns the ComputePassword function in the Schneider Electric Quantum Ethernet Module, which generates the password for the fwupgrade account based on the MAC address. This makes it easier for remote attackers to obtain access via an ARP request message or a Neighbor Solicitation message.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.