← Back

CVE-2021-37160

nvd nist
Published: Aug 2, 2021Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a firmware update.

Affected (1)

Swisslog Healthcare
1 product
Hmi 3 Control Panel Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hmi 3 Control Panel Firmware
Before 7.2.5.7
Running on/withPlatform Versions
Swisslog Healthcare
Hmi 3 Control Panel
All versions

Related CWEs

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (8)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Product
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.