EUVD-2021-22168

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Vulnerability in Hitachi Energy TXpert Hub CoreTec 4 allows malicious firmware upload by privileged users.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-35532	8 Jun 202200:31	–	circl
CNNVD	Hitachi Energy TXpert Hub CoreTec 4 代码问题漏洞	7 Jun 202200:00	–	cnnvd
CVE	CVE-2021-35532	7 Jun 202220:04	–	cve
Cvelist	CVE-2021-35532 Firmware upload verification bypass in TXpert Hub CoreTec 4	7 Jun 202220:04	–	cvelist
ICS	Hitachi Energy TXpert Hub CoreTec 4	6 Sep 202200:00	–	ics
NVD	CVE-2021-35532	7 Jun 202221:15	–	nvd
OSV	CVE-2021-35532	7 Jun 202221:15	–	osv
Prion	Privilege escalation	7 Jun 202221:15	–	prion
Positive Technologies	PT-2022-10468 · Hitachi Energy · Hitachi Energy Txpert Hub Coretec 4	7 Jun 202200:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "5ae7fdd0-3e8b-3ca1-b069-17b940aa3288",
        "vendor": {
          "name": "Hitachi Energy"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "01917e0b-5c37-36f3-bc16-925624b73d74",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.1.0"
      },
      {
        "id": "18f98e30-de31-3654-b821-4cd78586122a",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.1.1"
      },
      {
        "id": "2a742a0e-bb7d-3bbf-badf-3b40964a9d1e",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.0.1"
      },
      {
        "id": "2cd4f0bf-31ac-3b7a-b67a-ce299109136e",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.1.2"
      },
      {
        "id": "43bbb561-a300-38f4-a22a-4e2cc14419e2",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.1.3"
      },
      {
        "id": "6063856f-cffc-304c-8639-888f2a82f01b",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.0.0"
      },
      {
        "id": "70c33020-13a6-3d7c-9473-5034d1eb6fda",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.2.0"
      },
      {
        "id": "f2c04e7e-86da-3a9f-8c38-852b9c4cdafe",
        "product": {
          "name": "TXpert Hub CoreTec 4 version"
        },
        "product_version": "2.2.1"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7

CVSS 27.2

EPSS0.00021

vulnerability file upload malicious firmware hitachi energy txpert hub coretec 4 privileged access