Vulnerability CVE-2016-4520


Published: 2016-07-15

Description:
Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Schneider-electric -> Pelco digital sentry video management system firmware 

 References:
http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-153-01
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-01

Copyright 2022, cxsecurity.com

 

Back to Top