virus logo Intrusion Prevention

Schneider.Quantum.Module.Backdoor.Access

description-logoDescription

This indicates detection of a Backdoor Access in Schneider Electric Quantum Ethernet Module.
The vulnerability is due to a default factory account with hard-coded password. Remote attackers can obtain access to the device with this account through FTP access.

affected-products-logoAffected Products

The following products and versions are affected:
Quantum
140NOE77101 Firmware V4.9 and all previous versions,
140NOE77111 Firmware V5.0 and all previous versions,
140NOE77100 Firmware V3.4 and all previous versions,
140NOE77110 Firmware V3.3 and all previous versions,
140CPU65150 Firmware V3.5 and all previous versions,
140CPU65160 Firmware V3.5 and all previous versions,
140CPU65260 Firmware V3.5 and all previous versions,
140NOC77100 Firmware V1.01 and all previous versions,
140NOC77101 Firmware V1.01 and all previous versions.
Premium
TSXETY4103 Firmware V5.0 and all previous versions,
TSXETY5103 Firmware V5.0 and all previous versions,
TSXP571634M Firmware V4.9 and all previous versions,
TSXP572634M Firmware V4.9 and all previous versions,
TSXP573634M Firmware V4.9 and all previous versions,
TSXP574634M Firmware V3.5 and all previous versions,
TSXP575634M Firmware V3.5 and all previous versions,
TSXP576634M Firmware V3.5 and all previous versions,
TSXETC101 Firmware V1.01 and all previous versions.
M340
BMXNOE0100 Firmware V2.3 and all previous versions,
BMXNOE0110 Firmware V4.65 and all previous versions,
BMXNOC0401 Firmware V1.01 and all previous versions.
STBNIC2212 Firmware V2.10 and all previous versions,
STBNIP2311 Firmware V3.01 and all previous versions,
STBNIP2212 Firmware V2.73 and all previous versions,
BMXP342020 Firmware V2.2 and all previous versions,
BMXP342030 Firmware V2.2 and all previous versions.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Please visit the vendor website for firmware updates to resolve this issue.
http://www.schneider-electric.com/download/ww/en/results/3541958-SoftwareFirmware/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 42195
Created May 03, 2016
Updated Jul 24, 2017
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2011-4859
Exploit Prediction Score 7.77%
Default Action drop
Active
Affected OS Other
Affected App SCADA