CVE-2021-22708

First published: Wed Jul 21 2021(Updated: )

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to craft a malicious firmware package and bypass the signature verification mechanism.

Credit: cybersecurity@se.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/references
• agent/weakness
• agent/tags
• agent/type
• agent/event
• agent/severity
• agent/author
• agent/description
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• collector/mitre-cve
• source/MITRE
• vendor/schneider-electric
• canonical/schneider-electric evlink city evc1s22p4 firmware
• canonical/schneider-electric evlink city evc1s22p4
• canonical/schneider-electric evlink city evc1s7p4 firmware
• canonical/schneider-electric evlink city evc1s7p4
• canonical/schneider-electric evlink parking evw2 firmware
• canonical/schneider-electric evlink parking evw2
• canonical/schneider-electric evlink parking evf2 firmware
• canonical/schneider-electric evlink parking evf2
• canonical/schneider-electric evlink parking ev.2 firmware
• canonical/schneider-electric evlink parking ev.2
• canonical/schneider-electric evlink smart wallbox evb1a firmware
• canonical/schneider-electric evlink smart wallbox evb1a