cbcvebase.
CVE-2021-40333
published 2021-12-02

CVE-2021-40333: Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN)…

PriorityP340high7.1CVSS 3.1
AVNACLPRLUINSUCLIHAN
EPSS
0.63%
45.8th percentile
Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Affected

4 ranges
VendorProductVersion rangeFixed in
hitachi_energyfox61x>= R15A < R15AR15A
hitachi_energyxcm20>= R15A < R15AR15A
hitachienergyfox615_firmware< r15ar15a
hitachienergyxcm20_firmware< r15ar15a

CVSS provenance

nvdv3.17.1HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.