CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25910

Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.6%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 3.3

References

https://www.incibe-cert.es/en/early-warning/ics-advisories/4cct-vulnerable-improper-authentication
https://www.incibe-cert.es/en/early-warning/ics-advisories/4cct-vulnerable-improper-authentication

Products affected by CVE-2021-25910

Zivautomation » 4cct-Ea6-334126bf » Version: N/A

cpe:2.3:h:zivautomation:4cct-ea6-334126bf:-
Zivautomation » 4cct-Ea6-334126bf Firmware » Version: 3.23.77.8.33251

cpe:2.3:o:zivautomation:4cct-ea6-334126bf_firmware:3.23.77.8.33251

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25910

Products

Pricing

Contact Us