File Transfer Protocol (FTP) is a clear text file transfer protocol that suffers from the following vulnerabilities:

• Vulnerable FTP server application code
• Hard coded credentials
• FTP bounce attack
• FTP brute-force attack
• Packet capture (or sniffing)
• Spoof attack
• Port stealing

The FTP is commonly used to transfer project files to ICS devices or upload and download firmware. A quick search on ICS-CERT reveals the following vulnerabilities involving FTP servers: