Vulnerabilities > CVE-2021-42109 - Insecure Default Initialization of Resource vulnerability in Vitec products

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2021-10-08

Updated: 2022-07-12

Summary

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.

Part	Description	Count
Application	Vitec Vitec Exterity Avediaserver 2021-04-30	1
OS	Vitec Vitec Exterity Avediastream Encoders Firmware - Vitec Exterity Avediastream Encoders Firmware 2021-04-30 Vitec Avediastream M9605 Firmware - Vitec Avediastream M9605 Firmware 2021-04-30 Vitec Avediastream M9400 Firmware - Vitec Avediastream M9400 Firmware 2021-04-30 Vitec Avediastream M9405 Firmware - Vitec Avediastream M9405 Firmware 2021-04-30 Vitec Avediastream M9305 Firmware - Vitec Avediastream M9305 Firmware 2021-04-30 Vitec Avediastream R9300 Firmware - Vitec Avediastream R9300 Firmware 2021-04-30 Vitec Avediastream R9310 Firmware - Vitec Avediastream R9310 Firmware 2021-04-30 Vitec Avediastream M9325 Firmware - Vitec Avediastream M9325 Firmware 2021-04-30 Vitec Avediastream R9350 Firmware - Vitec Avediastream R9350 Firmware 2021-04-30	18
Hardware	Vitec Vitec Exterity Avediastream Encoders - Vitec Avediastream M9605 - Vitec Avediastream M9400 - Vitec Avediastream M9405 - Vitec Avediastream M9305 - Vitec Avediastream R9300 - Vitec Avediastream R9310 - Vitec Avediastream M9325 - Vitec Avediastream R9350 -	9