FKIE_CVE-2015-7911
Vulnerability from fkie_nvd - Published: 2015-12-23 03:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxv_vga_mb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A449695F-D887-467D-A7C8-A49624B2D98D",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxv_vga_mb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBFC820-2475-4983-B121-A9218B7CA9A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB31C345-3D42-4AC1-8B67-1C6141C96A24",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DAA1EE-205E-4B74-AA18-214E47BD71D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd3.mxxx0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC536B8-BD04-4247-ADB8-E7D419383D7E",
"versionEndIncluding": "1.24.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd3.mxxx0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "331C8AE7-49E2-4EC6-A3D1-4A15E49224B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxd_svga_mb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDF7DA2-0D98-455D-90BB-B52E3115DF0C",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxd_svga_mb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF47617-D46D-40B5-979C-97ECCB9AA380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd3.t666_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75497879-C207-4E52-A3A4-8D3A3187EDE5",
"versionEndIncluding": "1.24.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd3.t666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45D5750C-6EE7-461C-845D-53B3EB741D65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd1.m2xx0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D176B2BB-EFFB-4686-82D9-42C9DE859F39",
"versionEndIncluding": "1.24.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd1.m2xx0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE665886-EF93-4F86-B5AD-B81F1469211F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd3.mxx60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE17CB8-BF9F-4133-A00D-37EF2589C087",
"versionEndIncluding": "1.24.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd3.mxx60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14DE813D-C8E1-4DD7-8DA3-F6F9E0C7542F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd3.t665_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "781AA257-C343-488E-B918-10C6FD0D7E6F",
"versionEndIncluding": "1.24.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd3.t665:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48B2179-4C04-4698-A9F1-575C45F2B9E4",
"versionEndIncluding": "-",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd2.m5xx0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA8B1B34-70A5-48F2-8D72-7888EE00AA66",
"versionEndIncluding": "1.24.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd2.m5xx0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B110DC-6278-49C4-A8D0-299AB9D5D5DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxwtpf_wvga_mb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF730BCA-D3C5-4640-97EB-04D4C495F2DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxwtpf_wvga_mb_firmware:1.24.41:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4E2F09-DD0E-4A3D-B3C6-2A256EF4E1BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxwtpf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21F8B944-CBFB-41AF-8227-DD522C9233C1",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxwtpf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB5B2F0-839E-4882-A868-6AB7548D643C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd1.m0xx0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35A393C4-8865-498B-9885-F9BD26B9D5C4",
"versionEndIncluding": "1.24.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd1.m0xx0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D7A81F-EF55-48BF-B9A6-19F9269E20A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxxt5f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A23937F1-5686-4EFB-B77B-B8A5B73CF842",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxxt5f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D202770-CC48-470B-8442-30BC10521E1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:saia_burgess_controls:pcd7.d4xxv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7318A0C-BCF2-4E25-9E00-420E3D876072",
"versionEndIncluding": "1.24.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:saia_burgess_controls:pcd7.d4xxv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D25D4B6-A9A4-4147-99D4-9F95D8A31B9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session."
},
{
"lang": "es",
"value": "Dispositivos Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF y PCD7.D4xxxT5F en versiones a anteriores a 1.24.50 y dispositivos PCD3.T665 y PCD3.T666 en versiones a anteriores a 1.24.41 tienen credenciales embebidas, lo que permite a atacantes remotos obtener acceso administrativo a trav\u00e9s de una sesi\u00f3n FTP."
}
],
"id": "CVE-2015-7911",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-12-23T03:59:03.200",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…