TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Turck
  • Bl67 Programmable Gateway Firmware
  • Bl20 Programmable Gateway
  • Bl67 Programmable Gateway
  • Bl20 Programmable Gateway Firmware

Configuration 1 [-]

OR cpe:2.3:h:turck:bl20_programmable_gateway:-:*:*:*:*:*:*:*
cpe:2.3:h:turck:bl67_programmable_gateway:-:*:*:*:*:*:*:*
cpe:2.3:o:turck:bl20_programmable_gateway_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:turck:bl67_programmable_gateway_firmware:-:*:*:*:*:*:*:*
References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-13-136-01 US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2022-10-03T16:15:34

Updated: 2022-10-03T16:15:34

Reserved: 2022-10-03T00:00:00

Link: CVE-2012-4697

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2013-05-23T17:55:02.870

Modified: 2013-06-24T04:00:00.000

Link: CVE-2012-4697

JSON object: View

cve-icon Redhat Information

No data.

CWE