GE D20 Default Credentials

high Nessus Plugin ID 57598

Synopsis

The remote device can be accessed with default credentials.

Description

The remote device appears to be a General Electric D20 Remote Terminal that can be accessed using default credentials. An attacker could leverage this issue to gain administrative access to the affected device.

Solution

Change the default password or block access to the port.

Plugin Details

Severity: High

ID: 57598

File Name: scada_d20_default_telnet.nbin

Version: 1.58

Type: remote

Family: SCADA

Published: 1/19/2012

Updated: 7/19/2022

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:H/RL:ND/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required