CVE-2021-27734

EUVD-2021-14476
Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
beldenhirschmann_hios
08.1.00 ≤
𝑥
< 08.6.00
beldenhirschmann_hios
07.1.01
beldenhirschmann_hios
07.1.02
beldenhisecos
03.3.00 ≤
𝑥
≤ 03.5.01
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=12914&mediaformatid=50063&destinationid=10016
https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=12914&mediaformatid=50063&destinationid=10016