CVE-2021-40334 HIGH

CVE-2021-40334: SSH activation problem in the proprietary management protocol (port TCP 5558)

Vendor Hitachi Energy
Product FOX61x
Weakness CWE-431
Published December 2, 2021
Last update September 16, 2024

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Key dates

02Disclosure timeline

December 2, 2021 CVE published
September 16, 2024 Record updated