Lucene search

SchneiderCVELIST:CVE-2021-22727

HistoryJul 21, 2021 - 10:43 a.m.

CVE-2021-22727

2021-07-2110:43:27

CWE-331

schneider

www.cve.org

cwe-331

evlink city

evlink parking

evlink smart wallbox

r8 v3.4.0.1

unauthorized access

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to gain unauthorized access to the charging station web server

CNA Affected

[
  {
    "product": "EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 )",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 )"
      }
    ]
  }
]

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-06