Lucene search
Hitachi EnergyCVELIST:CVE-2021-35532HistoryMay 10, 2022 - 12:00 a.m.
CVE-2021-35532 Firmware upload verification bypass in TXpert Hub CoreTec 4
2022-05-1000:00:00
CWE-494
Hitachi Energy
www.cve.org
0.0004 Low
EPSS
Percentile
12.7%
A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious firmware to the product. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.
CNA Affected
[
{
"product": "TXpert Hub CoreTec 4 version",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
}
]
}
]Related
cve
cve
CVE-2021-35532
2022-06-07 21:15:14
nvd
nvd
CVE-2021-35532
2022-06-07 21:15:14
prion
prion
Privilege escalation
2022-06-07 21:15:00
ics
ics
Hitachi Energy TXpert Hub CoreTec 4
2022-09-06 12:00:00