CVE-2014-9197

CVE-2014-9197: Schneider Electric ETG3000 FactoryCast HMI Gateway Missing Authentication for Critical Function

Vendor Schneider Electric
Product ETG3000 FactoryCast HMI Gateway
Weakness CWE-306 · Missing auth
Published January 27, 2015
Last update September 5, 2025

CVSS base score

What the vulnerability does

01Description

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

Key dates

02Disclosure timeline

January 27, 2015 CVE published
September 5, 2025 Record updated