Risk | High |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2021-43931 CVE-2021-43936 |
CWE-ID | CWE-287 CWE-434 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #2 is available. |
Vulnerable software Subscribe |
WebHMI Server applications / SCADA systems |
Vendor |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU58506
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-43931
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to a separate weakness primary to the authentication error. A remote attacker can bypass authentication process and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWebHMI: before 4.1
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-21-336-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58507
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-43936
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload. A remote attacker can upload a malicious file and execute it on the server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWebHMI: before 4.1
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-21-336-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.