Vulnerability identifier: #VU58507

Vulnerability risk: High

CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-43936

CWE-ID: CWE-434

Exploitation vector: Network

Exploits in database: 2

• May 13, 2022
  • WebHMI 4.0 - Remote Code Execution (RCE) (Authenticated) [Exploit-DB]
• December 13, 2021
  • CVE-2021-43936 (CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.) [Github]

Impact: Code execution

Vulnerable software:
WebHMI
Server applications / SCADA systems

Vendor: