Vulnerabilities > CVE-2021-40334 - Unspecified vulnerability in Hitachienergy Fox615 Firmware and Xcm20 Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

hitachienergy

NVD

Published: 2021-12-02

Updated: 2021-12-08

Summary

Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Vulnerable Configurations

Part	Description	Count
OS	Hitachienergy Hitachienergy Fox615 Firmware * Hitachienergy Xcm20 Firmware *	2
Hardware	Hitachienergy Hitachienergy Fox615 - Hitachienergy Xcm20 -	2

References

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch