CVE-2021-40333

Published: Dec 2, 2021Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Exploitability: 2.8 / Impact: 4.2

Source: NVD

Description

Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Affected (2)

Products: Hitachienergy: Fox615 Firmware, Xcm20 Firmware

2 products

Fox615 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hitachienergy Fox615 Firmware	Before r15a

Running on/with	Platform Versions
Hitachienergy Fox615	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hitachienergy Xcm20 Firmware	Before r15a

Running on/with	Platform Versions
Hitachienergy Xcm20	All versions

Related CWEs

Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

References (4)

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch

Source: cybersecurity@hitachienergy.com

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

Source: cybersecurity@hitachienergy.com

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.