VDB
CVE-2021-27426
CVE-2021-27426
PUBLISHED
CVSS 9.800000190734863 CRITICAL
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.
EPSS 0.29% · 52.6th percentile
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.29%
52.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ge | multilin_c95_firmware | 0 |
| ge | multilin_t60_firmware | 0 |
| ge | multilin_l60_firmware | 0 |
| ge | multilin_m60_firmware | 0 |
| ge | multilin_t35_firmware | 0 |
| ge | multilin_g30_firmware | 0 |
| ge | multilin_f60_firmware | 0 |
| ge | multilin_d60_firmware | 0 |
| ge | multilin_b90_firmware | 0 |
| ge | multilin_g60_firmware | 0 |
| ge | multilin_l90_firmware | 0 |
| ge | multilin_b30_firmware | 0 |
| ge | multilin_c30_firmware | 0 |
| ge | multilin_n60_firmware | 0 |
| ge | multilin_l30_firmware | 0 |
| ge | multilin_d30_firmware | 0 |
| ge | multilin_f35_firmware | 0 |
| ge | multilin_c60_firmware | 0 |
| ge | multilin_c70_firmware | 0 |
| GE | UR family | unspecified |
Timeline
- Mar 23, 2022 CVE Published
- Mar 23, 2022 PoC Published
- Mar 24, 2022 EPSS Score
- May 14, 2022 EPSS Score
- Jul 4, 2022 EPSS Score
- Aug 25, 2022 EPSS Score
- Oct 14, 2022 EPSS Score
- Dec 4, 2022 EPSS Score
- Jan 24, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- May 6, 2023 EPSS Score