SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext.
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.
| Vendor | Product | Versions |
|---|---|---|
| SAUTER Controls | Nova 220 (EYK220F001) DDC with BACnet connection | Firmware all versions, BACnetstac all versions |
| SAUTER Controls | Nova 230 (EYK230F001) DDC with BACnet connection | Firmware all versions, BACnetstac all versions |
| SAUTER Controls | Nova 106 (EYK300F001) BACnet communication card | Firmware all versions, BACnetstac all versions |
| SAUTER Controls | moduNet300 (EY | AM300F001, EY-AM300F002) — Firmware all versions, BACnetstac all versions |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.