Vulnerability Description
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Reason Dr60 Firmware | < 02a04.1 |
| Ge | Reason Dr60 | - |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-27440?
CVE-2021-27440 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).
How severe is CVE-2021-27440?
CVE-2021-27440 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-27440?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Reason Dr60 Firmware, Ge Reason Dr60.