CVE-2016-4520

Published: Jul 15, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors.

Affected (1)

Products: Schneider Electric: Pelco Digital Sentry Video Management System Firmware

Schneider Electric

1 product

Pelco Digital Sentry Video Management System Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Pelco Digital Sentry Video Management System Firmware	Up to 7.6.32.9203

References (6)

http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-153-01

Source: ics-cert@hq.dhs.gov

PatchVendor Advisory

http://www.securityfocus.com/bid/91783

Source: ics-cert@hq.dhs.gov

https://ics-cert.us-cert.gov/advisories/ICSA-16-196-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-153-01

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/91783

Source: af854a3a-2127-422b-91ae-364da2661108

https://ics-cert.us-cert.gov/advisories/ICSA-16-196-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.