Unknown
CVE-2021-27428
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-27428
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without appropriate privileges. The weakness is assessed, and mitigation is implemented in firmware Version 8.10.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- multilin b30 firmware,
- multilin b90 firmware,
- multilin c30 firmware,
- multilin c60 firmware,
- multilin c70 firmware,
- multilin c95 firmware,
- multilin d30 firmware,
- multilin d60 firmware,
- multilin f35 firmware,
- multilin f60 firmware,
- multilin g30 firmware,
- multilin g60 firmware,
- multilin l30 firmware,
- multilin l60 firmware,
- multilin l90 firmware,
- multilin m60 firmware,
- multilin n60 firmware,
- multilin t35 firmware,
- multilin t60 firmware
Weaknesses
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
