Vulnerabilities in Schneider Electrics ETG3000 FactoryCast HMI Gateway could be exploited by an attacker to bypass authentication process and remote access to the system’s FTP server and configuration file. The vulnerabilities affect different versions of the Schneider Electric gateway, which is widely used in many industries like manufacturing, energy and water. The update issued by Schneider Electric fixes the FTP bug by giving users the ability to disable the FTP server, anyway it does not remove the hard-coded credentials for the FTP service.”]
Source: https://securityaffairs.co/wordpress/32570/security/schneider-electric-scada-flaws.html