Lucene search
IcscertCVELIST:CVE-2021-43936HistoryDec 06, 2021 - 5:39 p.m.
CVE-2021-43936 Distributed Data Systems WebHM
2021-12-0617:39:24
icscert
www.cve.org
4
cve-2021-43936
distributed data systems
webhmi
file uploads
arbitrary code execution
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.014
Percentile
86.7%
The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product’s environment or lead to arbitrary code execution.
CNA Affected
[
{
"product": "WebHMI",
"vendor": "Distributed Data Systems",
"versions": [
{
"lessThan": "4.1",
"status": "affected",
"version": "4.1",
"versionType": "custom"
}
]
}
]Related
zdt
zdt
WebHMI 4.0 - Remote Code Execution Exploit
2021-12-13 00:00:00
exploitdb
exploitdb
WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated)
2021-12-13 00:00:00
prion
prion
Code injection
2021-12-06 18:15:00
packetstorm
packetstorm
WebHMI 4.0 Remote Code Execution
2021-12-13 00:00:00
nvd
nvd
CVE-2021-43936
2021-12-06 18:15:08
cve
cve
CVE-2021-43936
2021-12-06 18:15:08
cnvd
cnvd
Distributed Data Systems WebHMI File Upload Vulnerability
2021-12-04 00:00:00
githubexploit
githubexploit
ics
ics
Distributed Data Systems WebHMI
2021-12-02 12:00:00
checkpoint_advisories
checkpoint_advisories
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.014
Percentile
86.7%
Related for CVELIST:CVE-2021-43936