Summary
The remote Schneider Modicon M340 is prone to a
default account authentication bypass vulnerability. This issue may be exploited by a remote attacker to gain access to sensitive information or modify system configuration.
It was possible to login as user 'USER' with password 'USER'.
Solution
Change the password.
References
Severity
Classification
-
CVSS Base Score: 9.0
AV:N/AC:L/Au:N/C:C/I:P/A:P
Related Vulnerabilities
- Multiple Barracuda Products Security Bypass and Backdoor Unauthorized Access Vulnerabilities
- Schneider Modicon M340 Default Credentials
- Schneider Electric Quantum Ethernet Module Hardcoded Credentials Authentication Bypass Vulnerability
- CAREL pCOWeb Default root Password
- Default password ('synnet') for 'debug' account