Vulnerability CVE-2019-10950


Published: 2019-04-30

Description:
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system.

Type:

CWE-287

(Improper Authentication)

Vendor: Fujifilm
Product: Cr-ir 357 fcr capsula x firmware 
Product: Cr-ir 357 fcr xc-2 firmware 
Product: Cr-ir 357 fcr carbon x firmware 

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.securityfocus.com/bid/108052
https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01

Copyright 2019, cxsecurity.com

 

Back to Top