CVE-2013-2782
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Affected (12)
Products: Schneider Electric: Tburjr900, Tburjr900 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 00002dh0 | |
| Version 3.6.0 |
Related CWEs
References (4)
Source: ics-cert@hq.dhs.gov
US Government Resource
Source: ics-cert@hq.dhs.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.