Saia Burgess Controls PCD Controllers Hard-Coded FTP Credentials Vulnerability

High Nessus Network Monitor Plugin ID 7183

Synopsis

A Saia Burgess Controls device is running a firmware version vulnerable to hard-coded FTP credentials vulnerability.

Description

A Saia Burgess Controls (SBC) PLC device has been detected which is running a version of firmware that is installed with hard-coded FTP credentials.

Solution

Upgrade the device firmware to version 1.24.41 or 1.24.50 (depending on model number) or later.

See Also

https://www.sbc-support.com/en/product-category/communication-protocols/pcd-on-internet/upgrade-it-security

https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01

Plugin Details

Severity: High

ID: 7183

Version: 1.3

Family: SCADA

Published: 2015/12/18

Modified: 2018/09/16

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.4

Temporal Score: 7

Vulnerability Information

Patch Publication Date: 2015/12/01

Vulnerability Publication Date: 2015/12/01

Reference Information

CVE: CVE-2015-7911