PT-2011-1000 · Schneider Electric · Schneider Electric Quantum Ethernet Module

Published

2011-12-17

·

Updated

2017-08-29

·

CVE-2011-4859

CVSS v2.0

10

High

Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Schneider Electric Quantum Ethernet Module firmware as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules
Description: The affected modules ship with hardcoded passwords for multiple accounts, including AUTCSE, AUT_CSE, fdrusers, ftpuser, loader, nic2212, nimrohs2212, nip2212, noe77111_v500, ntpupdate, pcfactory, sysdiag, target, test, USER, and webserver. Because the credentials are fixed in the firmware rather than set per device, recovering them from one unit or firmware image makes them usable against every other unit running the same firmware. A remote attacker who can reach the TELNET, Windriver Debug (WDB), or FTP service of the module and uses one of these credentials obtains authenticated access to the device without any prior foothold. The CVSS vector (AV:N/AC:L/Au:N/C:C/I:C/A:C) reflects this: network-reachable, low complexity, no authentication required of the attacker, and complete loss of confidentiality, integrity, and availability.
Recommendations: Hardcoded credentials usually cannot be changed by the operator. Where the firmware of an affected module does allow the passwords of the accounts AUTCSE, AUT_CSE, fdrusers, ftpuser, loader, nic2212, nimrohs2212, nip2212, noe77111_v500, ntpupdate, pcfactory, sysdiag, target, test, USER, and webserver to be changed, set unique, strong passwords for them. Independently of that, restrict access to the TELNET (TCP/23), Windriver Debug (UDP/17185 by default) and FTP (TCP/21) ports of the modules to approved engineering workstations, enforced by a firewall in front of the control network, and monitor for connections to these ports from any other host. As a temporary workaround, disable the TELNET, Windriver Debug, and FTP services on the module until the credentials can be secured, provided the services are not needed for operation. At the moment, there is no information about a newer firmware version that contains a fix for this vulnerability.
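The monitoring and verification steps above, as an added example that is not part of the advisory or of any Schneider Electric or Positive Technologies tooling. The script scans constructed firewall and FTP-daemon log lines for access to a module's FTP, TELNET or Windriver Debug port from hosts outside an allowlist and for FTP logins using any of the account names listed above, and it offers an optional online probe that reports which of those accounts a module's FTP service still accepts. The log format, host addresses, allowlist, and candidate passwords are assumptions; the WDB port is the VxWorks default (UDP/17185), which the advisory itself does not state.

```python
"""Exposure checks for the hardcoded accounts of CVE-2011-4859.

Added example, not vendor code. Assumptions (not from the advisory): the log
line formats, the addresses, the allowlist, and WDB's default port UDP/17185.
"""
import ftplib
import re
from dataclasses import dataclass

# Account names as listed in the advisory.
HARDCODED_ACCOUNTS = {
    "AUTCSE", "AUT_CSE", "fdrusers", "ftpuser", "loader", "nic2212",
    "nimrohs2212", "nip2212", "noe77111_v500", "ntpupdate", "pcfactory",
    "sysdiag", "target", "test", "USER", "webserver",
}

# Services named in the advisory and the ports they normally listen on.
RISKY_PORTS = {
    ("tcp", 21): "FTP",
    ("tcp", 23): "TELNET",
    ("udp", 17185): "Windriver Debug (WDB)",   # VxWorks WDB agent default
}

# Constructed sample log lines (firewall flow records plus FTP daemon logins).
SAMPLE_LOG = """\
2024-03-01T08:00:01Z fw ALLOW tcp 10.10.5.20:51234 -> 10.10.9.7:21
2024-03-01T08:00:03Z fw ALLOW tcp 10.10.5.20:51235 -> 10.10.9.7:502
2024-03-01T08:01:10Z fw ALLOW udp 192.168.77.4:17185 -> 10.10.9.7:17185
2024-03-01T08:02:44Z fw ALLOW tcp 172.16.0.99:40000 -> 10.10.9.7:23
2024-03-01T08:03:00Z ftpd LOGIN user=sysdiag src=172.16.0.99 dst=10.10.9.7
2024-03-01T08:03:05Z ftpd LOGIN user=operator src=10.10.5.20 dst=10.10.9.7
"""

FLOW_RE = re.compile(
    r"^(\S+) fw ALLOW (tcp|udp) (\d+\.\d+\.\d+\.\d+):\d+ -> (\d+\.\d+\.\d+\.\d+):(\d+)$")
LOGIN_RE = re.compile(r"^(\S+) ftpd LOGIN user=(\S+) src=(\S+) dst=(\S+)$")


@dataclass(frozen=True)
class Finding:
    timestamp: str
    kind: str      # "unexpected_access" or "hardcoded_account_login"
    src: str
    detail: str


def scan_log(log_text, plc_hosts, allowed_hosts):
    """Offline check: flag risky-port access from non-allowlisted hosts and
    FTP logins with one of the advisory's account names against a module."""
    findings = []
    for line in log_text.splitlines():
        m = FLOW_RE.match(line)
        if m:
            ts, proto, src, dst, port = m.groups()
            svc = RISKY_PORTS.get((proto, int(port)))
            if dst in plc_hosts and svc and src not in allowed_hosts:
                findings.append(Finding(ts, "unexpected_access", src, f"{svc} on {dst}"))
            continue
        m = LOGIN_RE.match(line)
        if m:
            ts, user, src, dst = m.groups()
            if dst in plc_hosts and user in HARDCODED_ACCOUNTS:
                findings.append(Finding(ts, "hardcoded_account_login", src, f"{user}@{dst}"))
    return findings


def probe_ftp_accounts(host, candidate_passwords, accounts=HARDCODED_ACCOUNTS, timeout=5.0):
    """Online check (not run by the sample below): return the (account, password)
    pairs the module's FTP service accepts. Only for devices you are authorised
    to test, and preferably on a spare module, not a running process controller."""
    accepted = []
    for user in sorted(accounts):
        for pw in candidate_passwords:
            ftp = ftplib.FTP()
            try:
                ftp.connect(host, 21, timeout=timeout)
                ftp.login(user, pw)
                accepted.append((user, pw))
                break                      # one accepted password per account is enough
            except ftplib.all_errors:
                continue
            finally:
                ftp.close()
    return accepted


if __name__ == "__main__":
    # 10.10.9.7 is the (assumed) module; 10.10.5.20 the only approved workstation.
    for f in scan_log(SAMPLE_LOG, plc_hosts={"10.10.9.7"}, allowed_hosts={"10.10.5.20"}):
        print(f"{f.timestamp} {f.kind:24} {f.src:15} {f.detail}")
```

The offline scan reports three findings on the sample: WDB traffic from 192.168.77.4, a TELNET connection from 172.16.0.99, and an FTP login as sysdiag from the same host; the allowed workstation's FTP and Modbus connections pass. Treat a hardcoded_account_login finding as a confirmed use of the vulnerability rather than as a policy violation, since no legitimate operator should be using those accounts. Before running the online probe against production equipment, remember that repeated logins to an ICS module can interfere with its normal service.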

Related Identifiers

BDU:2014-00001
BDU:2015-11594
CVE-2011-4859

Affected Products

M340 BMXNOE01*
M340 BMXP3420*
Premium TSXETY*
Premium TSXP57*
Quantum 140CPU65*
Quantum 140NOE771*
STB DIO STBNIC2212
STB DIO STBNIP2*
Schneider Electric Quantum Ethernet Module