VYPR
Unrated severityNVD Advisory· Published Dec 17, 2011· Updated Jun 16, 2026

CVE-2011-4859

CVE-2011-4859

Description

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.

Affected products

22
  • cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0100:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0100:*:*:*:*:*:*:*:*range: <=2.3
    • cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342030:*:*:*:*:*:*:*:*range: <=2.2
  • cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0110:*:*:*:*:*:*:*:*
    Range: <=4.65
  • cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342020:*:*:*:*:*:*:*:*
    Range: <=2.2
  • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety4103:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety4103:*:*:*:*:*:*:*:*range: <=5.0
    • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp575634m:*:*:*:*:*:*:*:*range: <=3.5
  • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety5103:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety5103:*:*:*:*:*:*:*:*range: <=5.0
    • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp57163m:*:*:*:*:*:*:*:*range: <=4.9
    • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp572634m:*:*:*:*:*:*:*:*range: <=4.9
  • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp573634m:*:*:*:*:*:*:*:*
    Range: <=4.9
  • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp574634m:*:*:*:*:*:*:*:*
    Range: <=3.5
  • cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp576634m:*:*:*:*:*:*:*:*
    Range: <=3.5
  • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65150:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65150:*:*:*:*:*:*:*:*range: <=3.5
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65160:*:*:*:*:*:*:*:*range: <=3.5
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65260:*:*:*:*:*:*:*:*range: <=3.5
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:*range: <=3.3
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77101:*:*:*:*:*:*:*:*range: <=4.9
    • cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77111:*:*:*:*:*:*:*:*range: <=5.0
    • (no CPE)
  • cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnic2212:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnic2212:*:*:*:*:*:*:*:*range: <=2.10
    • cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2212:*:*:*:*:*:*:*:*range: <=2.73
    • cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2311:*:*:*:*:*:*:*:*range: <=3.01

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.