**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.
2020-07-23T21:15:12.113
2024-11-21T05:37:15.040
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | schneider-electric | tricon_tcm_4351_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4351 | - | No |
| Operating System | schneider-electric | tricon_tcm_4352_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4352 | - | No |
| Operating System | schneider-electric | tricon_tcm_4351a_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4351a | - | No |
| Operating System | schneider-electric | tricon_tcm_4351b_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4351b | - | No |
| Operating System | schneider-electric | tricon_tcm_4352a_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4352a | - | No |
| Operating System | schneider-electric | tricon_tcm_4352b_firmware | < 10.5.4 | Yes |
| Hardware | schneider-electric | tricon_tcm_4352b | - | No |
| Operating System | schneider-electric | tristation_1131_firmware | ≤ 4.9.0 | Yes |
| Operating System | schneider-electric | tristation_1131_firmware | ≤ 4.12.0 | Yes |
| Hardware | schneider-electric | tristation_1131 | - | No |