cvelistv5 - cve-2021-35531

CVE-2021-35531 (GCVE-0-2021-35531)

Vulnerability from cvelistv5 – Published: 2022-06-07 20:07 – Updated: 2024-09-16 16:12

Summary

Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.

Severity ?

No CVSS data available.

CWE

CWE-20 - Improper Input Validation

Assigner

Hitachi Energy

References

URL

Tags

https://search.abb.com/library/Download.aspx?Docu…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Hitachi Energy	TXpert Hub CoreTec 4 version	Affected: 2.0.0 Affected: 2.0.1 Affected: 2.1.0 Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.3 Affected: 2.2.0 Affected: 2.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:46.422Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TXpert Hub CoreTec 4 version",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "2.0.1"
            },
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.1"
            },
            {
              "status": "affected",
              "version": "2.1.2"
            },
            {
              "status": "affected",
              "version": "2.1.3"
            },
            {
              "status": "affected",
              "version": "2.2.0"
            },
            {
              "status": "affected",
              "version": "2.2.1"
            }
          ]
        }
      ],
      "datePublic": "2022-05-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-07T20:07:37",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update the system to TXpert Hub CoreTec 4 version 2.3.0 that fixes the issues."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Remote Code Execution in TXpert Hub CoreTec 4",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@hitachienergy.com",
          "DATE_PUBLIC": "2022-05-10T10:00:00.000Z",
          "ID": "CVE-2021-35531",
          "STATE": "PUBLIC",
          "TITLE": "Remote Code Execution in TXpert Hub CoreTec 4"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "TXpert Hub CoreTec 4 version",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "2.0.0",
                            "version_value": "2.0.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.0.1",
                            "version_value": "2.0.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1.0",
                            "version_value": "2.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1.1",
                            "version_value": "2.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1.2",
                            "version_value": "2.1.2"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1.3",
                            "version_value": "2.1.3"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.2.0",
                            "version_value": "2.2.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.2.1",
                            "version_value": "2.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Hitachi Energy"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua",
              "refsource": "CONFIRM",
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update the system to TXpert Hub CoreTec 4 version 2.3.0 that fixes the issues."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2021-35531",
    "datePublished": "2022-06-07T20:07:37.055446Z",
    "dateReserved": "2021-06-28T00:00:00",
    "dateUpdated": "2024-09-16T16:12:33.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA6C5B5F-1C94-4CF2-9371-B77A06DF089E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC92EBD8-04A6-4010-8058-D7DC57698374\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AC186E8-E646-40C6-9DE3-296692050208\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCAC45F3-66FB-4D56-9F46-BA90E0CDD7E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7540E055-1C25-4487-BC43-CEE7B2370E54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"276F34CB-D644-4E33-B254-FDD598D7372B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7496490-5B13-4DC9-8EC1-3E196683D536\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A86BF5CA-E5EA-4694-84FF-74287FEE2342\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ADE055E-8EE4-4CCE-9326-B70C101F0EF3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de comprobaci\\u00f3n de entrada inapropiada en un campo de configuraci\\u00f3n particular del producto Hitachi Energy TXpert Hub CoreTec 4, permite a un atacante con acceso a un usuario autorizado con derechos de rol ADMIN o ENGINEER inyectar un comando del sistema operativo que es ejecutado por el sistema. Este problema afecta a: Hitachi Energy TXpert Hub CoreTec 4 versiones 2.0.0; 2.0.1; 2.1.0; 2.1.2; 2.1.3; 2.2.0; 2.2.1\"}]",
      "id": "CVE-2021-35531",
      "lastModified": "2024-11-21T06:12:27.417",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-06-07T21:15:14.720",
      "references": "[{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua\", \"source\": \"cybersecurity@hitachienergy.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cybersecurity@hitachienergy.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cybersecurity@hitachienergy.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-35531\",\"sourceIdentifier\":\"cybersecurity@hitachienergy.com\",\"published\":\"2022-06-07T21:15:14.720\",\"lastModified\":\"2024-11-21T06:12:27.417\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en un campo de configuraci\u00f3n particular del producto Hitachi Energy TXpert Hub CoreTec 4, permite a un atacante con acceso a un usuario autorizado con derechos de rol ADMIN o ENGINEER inyectar un comando del sistema operativo que es ejecutado por el sistema. Este problema afecta a: Hitachi Energy TXpert Hub CoreTec 4 versiones 2.0.0; 2.0.1; 2.1.0; 2.1.2; 2.1.3; 2.2.0; 2.2.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@hitachienergy.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6C5B5F-1C94-4CF2-9371-B77A06DF089E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC92EBD8-04A6-4010-8058-D7DC57698374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC186E8-E646-40C6-9DE3-296692050208\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCAC45F3-66FB-4D56-9F46-BA90E0CDD7E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7540E055-1C25-4487-BC43-CEE7B2370E54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"276F34CB-D644-4E33-B254-FDD598D7372B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7496490-5B13-4DC9-8EC1-3E196683D536\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A86BF5CA-E5EA-4694-84FF-74287FEE2342\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ADE055E-8EE4-4CCE-9326-B70C101F0EF3\"}]}]}],\"references\":[{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua\",\"source\":\"cybersecurity@hitachienergy.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-6FW8-3WXJ-MG3J

Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-17 00:01

Details

Severity ?

6.7 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-35531"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-07T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.",
  "id": "GHSA-6fw8-3wxj-mg3j",
  "modified": "2022-06-17T00:01:27Z",
  "published": "2022-06-08T00:00:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35531"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2021-35531

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-35531

Aliases

CVE-2021-35531

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-35531",
    "description": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.",
    "id": "GSD-2021-35531"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-35531"
      ],
      "details": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.",
      "id": "GSD-2021-35531",
      "modified": "2023-12-13T01:23:28.143788Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@hitachienergy.com",
        "DATE_PUBLIC": "2022-05-10T10:00:00.000Z",
        "ID": "CVE-2021-35531",
        "STATE": "PUBLIC",
        "TITLE": "Remote Code Execution in TXpert Hub CoreTec 4"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "TXpert Hub CoreTec 4 version",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "2.0.0",
                          "version_value": "2.0.0"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.0.1",
                          "version_value": "2.0.1"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.1.0",
                          "version_value": "2.1.0"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.1.1",
                          "version_value": "2.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.1.2",
                          "version_value": "2.1.2"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.1.3",
                          "version_value": "2.1.3"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.2.0",
                          "version_value": "2.2.0"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "2.2.1",
                          "version_value": "2.2.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Hitachi Energy"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20 Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua",
            "refsource": "CONFIRM",
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "Update the system to TXpert Hub CoreTec 4 version 2.3.0 that fixes the issues."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@hitachienergy.com",
          "ID": "CVE-2021-35531"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-06-26T17:58Z",
      "publishedDate": "2022-06-07T21:15Z"
    }
  }
}

ICSA-22-249-04

Vulnerability from csaf_cisa - Published: 2022-09-06 00:00 - Updated: 2022-09-06 00:00

Summary

Hitachi Energy TXpert Hub CoreTec 4

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition on the product, modify configuration, obtain sensitive information from the device, and load malicious firmware.

Critical infrastructure sectors

Energy

Countries/areas deployed

Worldwide

Company headquarters location

Switzerland

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. These vulnerabilities have a high attack complexity.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Hitachi Energy",
        "summary": "reporting these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition on the product, modify configuration, obtain sensitive information from the device, and load malicious firmware.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Switzerland",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. These vulnerabilities have a high attack complexity.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-249-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-249-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-249-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-249-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-249-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      }
    ],
    "title": "Hitachi Energy TXpert Hub CoreTec 4",
    "tracking": {
      "current_release_date": "2022-09-06T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-249-04",
      "initial_release_date": "2022-09-06T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-09-06T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.2.0 | 2.2.1",
                "product": {
                  "name": "TXpert Hub CoreTec 4: version 2.2.0 2.2.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "TXpert Hub CoreTec 4"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.0.0 | 2.0.1",
                "product": {
                  "name": "TXpert Hub CoreTec 4: version 2.0.0 2.0.1",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "TXpert Hub CoreTec 4"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.1.0 | 2.1.1 | 2.1.2 | 2.1.3",
                "product": {
                  "name": "TXpert Hub CoreTec 4: version 2.1.0 2.1.1 2.1.2 2.1.3",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "TXpert Hub CoreTec 4"
          }
        ],
        "category": "vendor",
        "name": "Hitachi Energy"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-35530",
      "cwe": {
        "id": "CWE-288",
        "name": "Authentication Bypass Using an Alternate Path or Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the application authentication and authorization mechanism in the affected product depends on a token validation of the session identifier. The vulnerability allows an unauthorized modified message to be executed in the server, enabling an attacker to change an existing user \u0027s password, and gain authorized access into the system.CVE-2021-35530 has been assigned to this vulnerability. A CVSS v3 base score of 6.0 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35530"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Hitachi Energy recommends updating the affected products to the following versions to remediate CVE-2021-35530 and CVE-2021-35531 specifically: TXpert Hub CoreTec 4 version 2.3.0 or higher",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physically protect process control systems from unauthorized direct access.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not expose process control systems to the internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall system with the necessary ports open to separate process control systems from other networks.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Process control systems should not be used for internet surfing, instant messaging, or receiving emails.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Portable computers and removable storage media should be carefully scanned for viruses before connecting to process control systems.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Ensure users of the system have individual user accounts. Shared user accounts should not be used.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users should have only the necessary rights required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "System default user accounts should be deleted.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Additionally, Hitachi Energy recommends following product Security Deployment Guidelines. Recommended practices for the affected product can be found in the TXpert Hub CoreTec 4 Software Manual.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=1ZBK000069\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "category": "mitigation",
          "details": "For more information, see Hitachi Energy security advisory 8DBD000080",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-35531",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An Improper Input Validation vulnerability in a particular configuration setting field of the affected product allows an attacker, who has access to an authorized user with ADMIN or ENGINEER role rights, to inject an operating system (OS) command; this command will then be executed by the system.CVE-2021-35531 has been assigned to this vulnerability. A CVSS v3 base score of 6.0 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35531"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Hitachi Energy recommends updating the affected products to the following versions to remediate CVE-2021-35530 and CVE-2021-35531 specifically: TXpert Hub CoreTec 4 version 2.3.0 or higher",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physically protect process control systems from unauthorized direct access.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not expose process control systems to the internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall system with the necessary ports open to separate process control systems from other networks.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Process control systems should not be used for internet surfing, instant messaging, or receiving emails.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Portable computers and removable storage media should be carefully scanned for viruses before connecting to process control systems.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Ensure users of the system have individual user accounts. Shared user accounts should not be used.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users should have only the necessary rights required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "System default user accounts should be deleted.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Additionally, Hitachi Energy recommends following product Security Deployment Guidelines. Recommended practices for the affected product can be found in the TXpert Hub CoreTec 4 Software Manual.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=1ZBK000069\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "category": "mitigation",
          "details": "For more information, see Hitachi Energy security advisory 8DBD000080",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-35532",
      "cwe": {
        "id": "CWE-494",
        "name": "Download of Code Without Integrity Check"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in the file upload validation component of the affected product. The vulnerability allows an attacker to gain access to the system and obtain an account with sufficient privilege to then upload a malicious firmware to the product.CVE-2021-35532 has been assigned to this vulnerability. A CVSS v3 base score of 6.0 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35532"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Physically protect process control systems from unauthorized direct access.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not expose process control systems to the internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall system with the necessary ports open to separate process control systems from other networks.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Process control systems should not be used for internet surfing, instant messaging, or receiving emails.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Portable computers and removable storage media should be carefully scanned for viruses before connecting to process control systems.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Ensure users of the system have individual user accounts. Shared user accounts should not be used.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users should have only the necessary rights required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "System default user accounts should be deleted.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Additionally, Hitachi Energy recommends following product Security Deployment Guidelines. Recommended practices for the affected product can be found in the TXpert Hub CoreTec 4 Software Manual.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=1ZBK000069\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "category": "mitigation",
          "details": "For more information, see Hitachi Energy security advisory 8DBD000080",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    }
  ]
}

FKIE_CVE-2021-35531

Vulnerability from fkie_nvd - Published: 2022-06-07 21:15 - Updated: 2024-11-21 06:12

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cybersecurity@hitachienergy.com	https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080&LanguageCode=en&DocumentPartId=&Action=Launch&utm_campaign=&utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03&utm_medium=email&utm_source=Eloqua	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080&LanguageCode=en&DocumentPartId=&Action=Launch&utm_campaign=&utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03&utm_medium=email&utm_source=Eloqua	Vendor Advisory

Impacted products

Vendor	Product	Version
hitachienergy	txpert_hub_coretec_4_firmware	2.0.0
hitachienergy	txpert_hub_coretec_4_firmware	2.0.1
hitachienergy	txpert_hub_coretec_4_firmware	2.1.0
hitachienergy	txpert_hub_coretec_4_firmware	2.1.1
hitachienergy	txpert_hub_coretec_4_firmware	2.1.2
hitachienergy	txpert_hub_coretec_4_firmware	2.1.3
hitachienergy	txpert_hub_coretec_4_firmware	2.2.0
hitachienergy	txpert_hub_coretec_4_firmware	2.2.1
hitachienergy	txpert_hub_coretec_4	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA6C5B5F-1C94-4CF2-9371-B77A06DF089E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC92EBD8-04A6-4010-8058-D7DC57698374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC186E8-E646-40C6-9DE3-296692050208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAC45F3-66FB-4D56-9F46-BA90E0CDD7E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7540E055-1C25-4487-BC43-CEE7B2370E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "276F34CB-D644-4E33-B254-FDD598D7372B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7496490-5B13-4DC9-8EC1-3E196683D536",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86BF5CA-E5EA-4694-84FF-74287FEE2342",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ADE055E-8EE4-4CCE-9326-B70C101F0EF3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en un campo de configuraci\u00f3n particular del producto Hitachi Energy TXpert Hub CoreTec 4, permite a un atacante con acceso a un usuario autorizado con derechos de rol ADMIN o ENGINEER inyectar un comando del sistema operativo que es ejecutado por el sistema. Este problema afecta a: Hitachi Energy TXpert Hub CoreTec 4 versiones 2.0.0; 2.0.1; 2.1.0; 2.1.2; 2.1.3; 2.2.0; 2.2.1"
    }
  ],
  "id": "CVE-2021-35531",
  "lastModified": "2024-11-21T06:12:27.417",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-07T21:15:14.720",
  "references": [
    {
      "source": "cybersecurity@hitachienergy.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026utm_campaign=\u0026utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03\u0026utm_medium=email\u0026utm_source=Eloqua"
    }
  ],
  "sourceIdentifier": "cybersecurity@hitachienergy.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "cybersecurity@hitachienergy.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-35531 (GCVE-0-2021-35531)

GHSA-6FW8-3WXJ-MG3J

GSD-2021-35531

ICSA-22-249-04

FKIE_CVE-2021-35531

Tags

Sightings

Nomenclature