Vulnerabilities > GE > Reason Dr60 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2021-27454 Improper Privilege Management vulnerability in GE Reason Dr60 Firmware
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).
local
low complexity
ge CWE-269
7.8
2021-03-25 CVE-2021-27438 Use of Hard-coded Credentials vulnerability in GE Reason Dr60 Firmware
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).
network
low complexity
ge CWE-798
8.8