Published: 20/01/2023 Updated: 30/10/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

Subscribe to Nova 220 Eyk220f001 Firmware

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sauter-controls nova_220_eyk220f001_firmware
sauter-controls nova_230_eyk230f001_firmware
sauter-controls nova_106_eyk300f001_firmware
sauter-controls modunet300_ey-am300f001_firmware
sauter-controls modunet300_ey-am300f002_firmware

Critical Infrastructure Sectors: Critical Manufacturing, Energy

CWE-306 https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05 https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-22-012-05

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-0052

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect