Vulnerability Description
The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Mu320E Firmware | < 04a00.1 |
| Ge | Mu320E | - |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-082-02Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-21-082-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-27452?
CVE-2021-27452 is a vulnerability with a CVSS score of 7.8 (HIGH). The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
How severe is CVE-2021-27452?
CVE-2021-27452 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27452?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Mu320E Firmware, Ge Mu320E.