The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
References
Link | Resource |
---|---|
http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01 | US Government Resource |
Configurations
Information
Published : 2014-04-24 22:12
Updated : 2014-04-25 06:56
NVD link : CVE-2014-0760
Mitre link : CVE-2014-0760
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
3s-software
- codesys_runtime_system
festo
- cecx-x-c1_modular_master_controller
- cecx-x-m1_modular_controller
softmotion3d
- softmotion