Security Advisory

CVE-2019-14925

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-28 12:12:34

Last updated 2024-09-10 17:06:17

Assigner mitre

State PUBLISHED

Description

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. A world-readable /usr/smartrtu/init/settings.xml configuration file on the file system allows an attacker to read sensitive configuration settings such as usernames, passwords, and other sensitive RTU data due to insecure permission assignment.

← Browse all CVEs View on cve.org ↗