CVE-2021-35532

Published: 07/06/2022 Updated: 19/04/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious firmware to the product. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hitachienergy txpert_hub_coretec_4_firmware 2.0.0
hitachienergy txpert_hub_coretec_4_firmware 2.0.1
hitachienergy txpert_hub_coretec_4_firmware 2.1.0
hitachienergy txpert_hub_coretec_4_firmware 2.1.1
hitachienergy txpert_hub_coretec_4_firmware 2.1.2
hitachienergy txpert_hub_coretec_4_firmware 2.1.3
hitachienergy txpert_hub_coretec_4_firmware 2.2.0
hitachienergy txpert_hub_coretec_4_firmware 2.2.1

Critical Infrastructure Sectors: Energy

CWE-434 https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080&LanguageCode=en&DocumentPartId=&Action=Launch&utm_campaign=&utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03&utm_medium=email&utm_source=Eloqua https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-22-249-04

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-35532

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect