Published threat advisories for July 24, 2018

Certain Echelon devices, including SmartServer and i.LON products, have a flaw that allows unauthorized access by bypassing authentication controls. This occurs when attackers manipulate directory names. The risk involves unauthorized access to systems and potential data compromise.

NVD published: July 24, 2018

Certain Echelon devices allow unencrypted web connections and insecure firmware updates. This presents a risk of unauthorized access and potential manipulation of device operations, impacting organizational data confidentiality and operational integrity. Attackers could exploit these weaknesses to compromise industrial

NVD published: July 24, 2018

Certain Echelon devices store passwords in plain text, enabling an attacker with configuration file access to log into the web interface. This could lead to unauthorized system access, impacting operations and data. The realistic business risk involves potential compromise of industrial control systems and related oper

NVD published: July 24, 2018

Echelon SmartServer and i.LON devices are impacted, allowing attackers to retrieve and change sensitive configuration data like usernames and passwords. This presents a business risk of unauthorized system access and modification.

NVD published: July 24, 2018