File Transfer Protocol (FTP) is a clear text file transfer protocol that suffers from the following vulnerabilities:
- Vulnerable FTP server application code
- Hard coded credentials
- FTP bounce attack
- FTP brute-force attack
- Packet capture (or sniffing)
- Spoof attack
- Port stealing
The FTP is commonly used to transfer project files to ICS devices or upload and download firmware. A quick search on ICS-CERT reveals the following vulnerabilities involving FTP servers: