CVE-2021-33214

EUVD-2021-19926
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
hms-networksecatcher
𝑥
≤ 6.6.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4
https://labs.bishopfox.com/advisories
https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4
https://www.ewon.biz/about-us/security
https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher
https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4
https://labs.bishopfox.com/advisories
https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4
https://www.ewon.biz/about-us/security
https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher