Vulnerabilities > CVE-2021-43990 - XXE vulnerability in Fanuc Roboguide 9.40083.00.05

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

fanuc

CWE-611

NVD

Published: 2022-04-20

Updated: 2022-10-17

Summary

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call.

Vulnerable Configurations

Part	Description	Count
Application	Fanuc Fanuc Roboguide - Fanuc Roboguide 9.40083.00.05	2

Common Weakness Enumeration (CWE)

CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-109-03