Vulnerability Details CVE-2021-33214
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 6.0
References
- https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4
- https://labs.bishopfox.com/advisories
- https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4
- https://www.ewon.biz/about-us/security
- https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher
- https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4
- https://labs.bishopfox.com/advisories
- https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4
- https://www.ewon.biz/about-us/security
- https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher
Products affected by CVE-2021-33214
-
cpe:2.3:a:hms-networks:ecatcher:1.0.1
-
cpe:2.3:a:hms-networks:ecatcher:3.0.0
-
cpe:2.3:a:hms-networks:ecatcher:3.0.1
-
cpe:2.3:a:hms-networks:ecatcher:3.0.2
-
cpe:2.3:a:hms-networks:ecatcher:3.0.3
-
cpe:2.3:a:hms-networks:ecatcher:3.1.0
-
cpe:2.3:a:hms-networks:ecatcher:3.2.0
-
cpe:2.3:a:hms-networks:ecatcher:4.0.0
-
cpe:2.3:a:hms-networks:ecatcher:4.1.0
-
cpe:2.3:a:hms-networks:ecatcher:4.2.0
-
cpe:2.3:a:hms-networks:ecatcher:4.3.0
-
cpe:2.3:a:hms-networks:ecatcher:5.0.1
-
cpe:2.3:a:hms-networks:ecatcher:5.0.2
-
cpe:2.3:a:hms-networks:ecatcher:5.1.0
-
cpe:2.3:a:hms-networks:ecatcher:6.0.0
-
cpe:2.3:a:hms-networks:ecatcher:6.0.1
-
cpe:2.3:a:hms-networks:ecatcher:6.1.0
-
cpe:2.3:a:hms-networks:ecatcher:6.1.1
-
cpe:2.3:a:hms-networks:ecatcher:6.1.2
-
cpe:2.3:a:hms-networks:ecatcher:6.2.1
-
cpe:2.3:a:hms-networks:ecatcher:6.2.2
-
cpe:2.3:a:hms-networks:ecatcher:6.3.5
-
cpe:2.3:a:hms-networks:ecatcher:6.3.6
-
cpe:2.3:a:hms-networks:ecatcher:6.3.7
-
cpe:2.3:a:hms-networks:ecatcher:6.4.0
-
cpe:2.3:a:hms-networks:ecatcher:6.5.0
-
cpe:2.3:a:hms-networks:ecatcher:6.5.1
-
cpe:2.3:a:hms-networks:ecatcher:6.5.2
-
cpe:2.3:a:hms-networks:ecatcher:6.5.3
-
cpe:2.3:a:hms-networks:ecatcher:6.5.4
-
cpe:2.3:a:hms-networks:ecatcher:6.5.5
-
cpe:2.3:a:hms-networks:ecatcher:6.5.6
-
cpe:2.3:a:hms-networks:ecatcher:6.6.1
-
cpe:2.3:a:hms-networks:ecatcher:6.6.2
-
cpe:2.3:a:hms-networks:ecatcher:6.6.3
-
cpe:2.3:a:hms-networks:ecatcher:6.6.4