
9 matches found

RedhatCVE
added 2026/01/09 8:53 a.m. | 4 views

CVE-2021-27426

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVSS 9.8 | AI score 7 | EPSS 0.0029
Exploits 0 | References 1

RedhatCVE
added 2026/01/09 8:53 a.m. | 3 views

CVE-2021-27428

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...

CVSS 9.8 | AI score 6.9 | EPSS 0.0029
Exploits 0 | References 1

NVD
added 2025/03/10 9:15 a.m. | 3 views

CVE-2025-27253

A CWE-15 "External Control of System or Configuration Setting" in GE Vernova UR IED family devices from version 7.0 up to 8.60 allows an attacker to provide input that establishes a TCP connection through a port forwarding. The lack of the IP address and port validation may allow the attacker to...

CVSS 6.1 | EPSS 0.00009
Exploits 0 | References 2

NVD
added 2022/03/23 8:15 p.m. | 16 views

CVE-2021-27426

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVSS 9.8 | EPSS 0.0029
Exploits 0 | References 2

NVD
added 2022/03/23 8:15 p.m. | 16 views

CVE-2021-27428

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...

CVSS 9.8 | EPSS 0.0029
Exploits 0 | References 2

Prion
added 2022/03/23 8:15 p.m. | 14 views

Code injection

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVSS 7.5 | AI score 9.4 | EPSS 0.0029
Exploits 0 | References 2 | Affected Software 19

CVE
added 2022/03/23 7:46 p.m. | 94 views

CVE-2021-27426

CVE-2021-27426 affects GE UR family UR IEDs; prior to firmware 8.1x with Basic security, the device does not allow disabling Factory Mode, enabling servicing by factory users. Root cause is an insecure default variable initialization (CWE-453). Impact per sources includes potential bypass of acce...

CVSS 9.8 | AI score 9.6 | EPSS 0.0029
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2022/03/23 7:46 p.m. | 5 views

CVE-2021-27426 GE UR family insecure default variable initialization

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVSS 9.8 | AI score 9.5 | EPSS 0.0029
Exploits 0 | References 2

CVE
added 2022/03/23 7:46 p.m. | 96 views

CVE-2021-27428

CVE-2021-27428 affects GE UR family UR IED firmware prior to 8.1x, where the UR Setup (Enervista UR Setup) firmware upgrade flow does not enforce appropriate privileges, allowing an illegitimate user to upgrade firmware. The weakness centers on Unrestricted Upload of a Dangerous Type; the vulnera...

CVSS 9.8 | AI score 9.5 | EPSS 0.0029
Exploits 0 | References 2 | Affected Software 1