Research Advisory - Vulnerable Disclosure 3 - Multiple Vulnerabilities
Case Number
263956
Disclosure Timeline
1/Jan/2019 - Vulnerability reported
08/Jan/2019 - M/s. Schneider opened a case to investigate
04/Feb/2019 - C3i asks for an update
05/Feb/2019 - M/s. Schneider confirmed the vulnerability & are currently working on an action plan.
08/Mar/2019 - C3i Center asks for an update
18/Mar/2019- M/s. Schneider requested for a list of all vulnerabilities
19/Mar/2019 - C3i Center shared a list of vulnerabilities reported yet
20/Mar/2019 - M/s. Schneider thanks to C3i center and agreed to provide update on all the cases by early next week.
21/Mar/2019 - C3i Center acknowledged their mail and awaiting for their valuable response
08/Jan/2019 - M/s. Schneider opened a case to investigate
04/Feb/2019 - C3i asks for an update
05/Feb/2019 - M/s. Schneider confirmed the vulnerability & are currently working on an action plan.
08/Mar/2019 - C3i Center asks for an update
18/Mar/2019- M/s. Schneider requested for a list of all vulnerabilities
19/Mar/2019 - C3i Center shared a list of vulnerabilities reported yet
20/Mar/2019 - M/s. Schneider thanks to C3i center and agreed to provide update on all the cases by early next week.
21/Mar/2019 - C3i Center acknowledged their mail and awaiting for their valuable response
Make
Schneider Electric
Part No.
BMXP342020
Product
RTU
CVE Number
CVE-2019-6812
Date
Status
Confirmed
Vulnerability
Hard-coded credentials in Firmware