Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by kalkitech
VAR-201905-1150
Vulnerability from variot - Updated: 2023-12-18 13:23Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The attack requires network connectivity to the device and exploits the webserver interface, typically through a browser. Kalki Kalkitech SYNC3000 Substation DCU Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Kalkitech SYNC3000 Substation DCU GPC is a substation data concentrator and communication device. A security vulnerability exists in the Kalkitech SYNC3000 Substation DCU GPC. An attacker could exploit this vulnerability to execute injected client commands or scripts. The following products and versions are affected: Kalkitech SYNC3000 Substation DCU GPC Version 2.22.6, Version 2.23.0, Version 2.24.0, Version 3.0.0, Version 3.1.0, Version 3.1.16, Version 3.2.3, Version 3.2.6 Version, version 3.5.0, version 3.6.0, version 3.6.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1150",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "2.22.6"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.2.3"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.1.0"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.0.0"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "2.23.0"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.1.16"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.2.6"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.5.0"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.6.1"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "2.24.0"
},
{
"model": "sync3000",
"scope": "eq",
"trust": 1.0,
"vendor": "kalkitech",
"version": "3.6.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 2.22.6"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 2.23.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 2.24.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.0.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.1.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.1.16"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.2.3"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.2.6"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.5.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.6.0"
},
{
"model": "sync 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": "gpc 3.6.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:2.22.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:2.23.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:2.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000_firmware:3.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11536"
}
]
},
"cve": "CVE-2019-11536",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-11536",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-143192",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-11536",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-11536",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-889",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-143192",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-11536",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The attack requires network connectivity to the device and exploits the webserver interface, typically through a browser. Kalki Kalkitech SYNC3000 Substation DCU Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Kalkitech SYNC3000 Substation DCU GPC is a substation data concentrator and communication device. A security vulnerability exists in the Kalkitech SYNC3000 Substation DCU GPC. An attacker could exploit this vulnerability to execute injected client commands or scripts. The following products and versions are affected: Kalkitech SYNC3000 Substation DCU GPC Version 2.22.6, Version 2.23.0, Version 2.24.0, Version 3.0.0, Version 3.1.0, Version 3.1.16, Version 3.2.3, Version 3.2.6 Version, version 3.5.0, version 3.6.0, version 3.6.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "VULMON",
"id": "CVE-2019-11536"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11536",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-143192",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-11536",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"id": "VAR-201905-1150",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-143192"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:23:44.989000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CYB/2019/19561",
"trust": 0.8,
"url": "https://www.kalkitech.com/wp-content/uploads/cyb_19561_advisory.pdf"
},
{
"title": "Cybersecurity",
"trust": 0.8,
"url": "https://www.kalkitech.com/cybersecurity/"
},
{
"title": "Kalki Kalkitech SYNC3000 Substation DCU GPC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92868"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.kalkitech.com/cybersecurity/"
},
{
"trust": 1.8,
"url": "https://www.kalkitech.com/wp-content/uploads/cyb_19561_advisory.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11536"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11536"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-143192"
},
{
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-143192"
},
{
"date": "2019-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"date": "2019-05-22T18:29:00.537000",
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"date": "2019-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-143192"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11536"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004822"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-11536"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kalki Kalkitech SYNC3000 Substation DCU Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004822"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-889"
}
],
"trust": 0.6
}
}
VAR-202201-0170
Vulnerability from variot - Updated: 2023-12-18 13:22A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products). plural SYNC There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Kalkitech Sync Products is a range of substation gateways from the Indian company Kalkitech
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sync3000-m2",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2101-m7",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2000-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2101-m2",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync261-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync241-m2",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2101-m8",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync241-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2000-m2",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2101-m6",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync221-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2101-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync3000-m1",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync3000-m12",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync241-m4",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync3000-m3",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2111-m3",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2000-m4",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync3000-m4",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync2111-m2",
"scope": "lte",
"trust": 1.0,
"vendor": "kalkitech",
"version": "4.15.3"
},
{
"model": "sync241-m1",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2000-m4",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2000-m1",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync241-m4",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2101-m1",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2101-m6",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync241-m2",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2000-m2",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync2101-m2",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync261-m1",
"scope": null,
"trust": 0.8,
"vendor": "kalki communication pvt",
"version": null
},
{
"model": "sync products",
"scope": null,
"trust": 0.6,
"vendor": "kalkitech",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync241-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync241-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync241-m2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync241-m2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync241-m4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync241-m4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync261-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync261-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2000-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2000-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2000-m2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2000-m2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2000-m4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2000-m4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2101-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2101-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2101-m2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2101-m2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2101-m6_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2101-m6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2101-m7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2101-m7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2101-m8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2101-m8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2111-m2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2111-m2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync2111-m3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync2111-m3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000-m2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000-m2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000-m3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000-m3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000-m4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000-m4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync3000-m12_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync3000-m12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kalkitech:sync221-m1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kalkitech:sync221-m1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44564"
}
]
},
"cve": "CVE-2021-44564",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-44564",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2022-09797",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-44564",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-44564",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-09797",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-425",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products). plural SYNC There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Kalkitech Sync Products is a range of substation gateways from the Indian company Kalkitech",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "VULMON",
"id": "CVE-2021-44564"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44564",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-09797",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-44564",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "VULMON",
"id": "CVE-2021-44564"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"id": "VAR-202201-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
}
]
},
"last_update_date": "2023-12-18T13:22:37.938000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CYB/2021/33631 Kalkitech",
"trust": 0.8,
"url": "https://kalkitech.com/wp-content/uploads/2022/01/cyb_33631_advisory.pdf"
},
{
"title": "Patch for Kalkitech Sync Products Encryption Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/318996"
},
{
"title": "Kalkitech Sync Products Fixes for encryption problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=178023"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://kalkitech.com/wp-content/uploads/cyb_33631_advisory.pdf"
},
{
"trust": 1.7,
"url": "https://www.kalkitech.com/cybersecurity/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "VULMON",
"id": "CVE-2021-44564"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"db": "VULMON",
"id": "CVE-2021-44564"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"date": "2022-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44564"
},
{
"date": "2023-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"date": "2022-01-06T12:15:08.190000",
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"date": "2022-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-09797"
},
{
"date": "2022-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44564"
},
{
"date": "2023-02-01T07:27:00",
"db": "JVNDB",
"id": "JVNDB-2021-017713"
},
{
"date": "2022-01-14T16:46:31.343000",
"db": "NVD",
"id": "CVE-2021-44564"
},
{
"date": "2022-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0SYNC\u00a0 Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017713"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-425"
}
],
"trust": 0.6
}
}