CVE-2021-27426

{"id": "CVE-2021-27426", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-03-23T20:15:08.473", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.gegridsolutions.com/Passport/Login.aspx", "tags": ["Permissions Required", "Vendor Advisory"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-453"}]}], "descriptions": [{"lang": "en", "value": "GE UR IED firmware versions prior to version 8.1x with \u201cBasic\u201d security variant does not allow the disabling of the \u201cFactory Mode,\u201d which is used for servicing the IED by a \u201cFactory\u201d user."}, {"lang": "es", "value": "GE UR IED versiones de firmware anteriores a versi\u00f3n 8.1x con la variante de seguridad \"Basic\" no permiten deshabilitar el \"Factory Mode\", que es usado para el mantenimiento del IED por parte de un usuario \"Factory\""}], "lastModified": "2022-04-01T18:14:37.723", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "971B98BB-125D-4D3F-8B54-09C6ECBEFC46", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9AEAC84B-ED36-4D41-8CDC-84B30294667F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0DD7078-54B7-4908-B041-C389601FFE54", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F9FE28C-1F33-4ECA-9004-B46912A1D8D8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A9D29A9-8351-48E0-BFCF-21945F586C51", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F14E4B7C-E38E-4877-9EB6-BE496CFBB8D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AEDFEAA-FF6B-40AE-988D-96B37E6F7A15", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F2E81E6-B718-4809-8D30-3074B0FB7239"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A8BC17-2B8A-4FCD-AED4-D60DBFA2CCAC", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AFD919B5-753E-40A8-8B14-BD0BA28386C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3506446-AF0D-4AC4-8C0A-5616D27C267B", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9226C470-365B-4CFF-B1FF-326EA82E9C16"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0E5D2F8-AA89-44E3-9316-E28357E525D8", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CFC93A6-7FAB-4057-A962-6A9C8F0FD3DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C86C0AEE-795B-45B1-A917-00A355EC25CD", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B66B913C-6D8A-4B5E-92AF-0ABE67195C47"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D151332D-37C7-4F7B-A30E-EB7F927B905D", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "313C6A1D-B50A-40C5-8553-68F21DFEDDDC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2E9423B-F49D-4AF7-8275-3216D615F279", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BC9965C1-9B3C-4B8A-8643-43678B5A6643"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2447F208-815E-44D2-91BC-7BFCFC85C977", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20A13929-C8B5-49E0-9F5C-EA443413C584"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DE2725C-8778-479D-8743-F62B5763931D", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF00D002-3C82-47B1-B585-DB91F33CEECC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34B1A2B8-B43B-4CCD-886A-0487C09E5279", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F716F53-3AC6-41C6-A894-9712A8AFE58C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58A5CD1D-27C0-4D14-9FBE-A8C74BD9737B", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7BFF5085-6713-41FA-93D5-65AE4C8F8AD1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0B3453A-1B71-4ADD-8AC3-5D5436EAD879", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5431E320-7E3A-4BD3-B33A-3345CF20B20D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80DE8022-6349-4E53-B97B-AFAD1685E40E", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2217A440-FADD-40ED-A933-F3DBCF36E116"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51F57944-8FDB-4541-A6ED-BF6D40916786", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B7B0753-62C7-4972-AD22-FC3E31A5218F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B97E0654-4407-48CE-BC07-E2385E86B65A", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E75BD31-3057-42F4-BD1B-C68C797F39DF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10F68AE0-E4FC-4357-A619-B0B990FDC708", "versionEndExcluding": "8.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "314AA92C-5B56-475A-B65F-CF597CEBFB38"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}