VYPR
Unrated severityNVD Advisory· Published Jan 27, 2015· Updated Jun 17, 2026

CVE-2014-9197

CVE-2014-9197

Description

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:h:schneider-electric:tsxetg3000:-:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:h:schneider-electric:tsxetg3000:-:*:*:*:*:*:*:*
    • cpe:2.3:h:schneider-electric:tsxetg3010:-:*:*:*:*:*:*:*
    • cpe:2.3:h:schneider-electric:tsxetg3021:-:*:*:*:*:*:*:*
  • cpe:2.3:h:schneider-electric:tsxetg3022:-:*:*:*:*:*:*:*
  • cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:schneider-electric:etg3000_factorycast_hmi_gateway_firmware:1.60.2:*:*:*:*:*:*:*
    • (no CPE)range: <1.60 IR 04
    • (no CPE)range: TSXETG3000

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.