Podatność CVE-2016-9358


Publikacja: 2017-06-29   Modyfikacja: 2017-06-30

Opis:
A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520, P574, SensorX13 QC flow line, SensorX23 QC Master, SensorX23 QC Slave, Speed Batcher, T374, T377, V36, V36B, and V36C; M3210 terminal associated with the same systems as the M3000 terminal identified above; M3000 desktop software associated with the same systems as the M3000 terminal identified above; MAC4 controller associated with the same systems as the M3000 terminal identified above; SensorX23 X-ray machine; SensorX25 X-ray machine; and MWS2 weighing system. The end user does not have the ability to change system passwords.

Typ:

CWE-798

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
10/10
10/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Marel -> A520 slave firmware 
Marel -> V36b firmware 
Marel -> Flowlineqc t376 firmware 
Marel -> A325 firmware 
Marel -> A320 firmware 
Marel -> A542 firmware 
Marel -> A520 master firmware 
Marel -> Ipm3 dual cam firmware 
Marel -> A371 firmware 
Marel -> V36 firmware 
Marel -> Check bin grader firmware 
Marel -> Sensorx23 qc master firmware 
Marel -> Sensorx13 qc flow line firmware 
Marel -> P574 firmware 
Marel -> Speed batcher firmware 
Marel -> V36c firmware 
Marel -> Sensorx23 qc slave firmware 
Marel -> T374 firmware 
Marel -> A571 firmware 
Marel -> A530 firmware 
Marel -> T377 firmware 
Marel -> P520 firmware 

 Referencje:
http://www.securityfocus.com/bid/97388
https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02

Copyright 2021, cxsecurity.com

 

Back to Top