CVE-2021-27420: GE UR family input validation

Reference Links

• https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02
• https://www.gegridsolutions.com/Passport/Login.aspx
• https://www.cisa.gov/news-events/ics-advisories/icsa-21-075-02 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

• ICSA-21-075-02

Frequently Asked Questions

• What is CVE-2021-27420?

  CVE-2021-27420 is a vulnerability in GE UR firmware versions prior to version 8.1x that causes the web server to become temporarily unresponsive after receiving a series of unsupported HTTP requests.

• How does CVE-2021-27420 affect GE Multilin B30 Firmware?

  GE Multilin B30 Firmware versions prior to 8.10 are affected by CVE-2021-27420.

• How severe is CVE-2021-27420?

  CVE-2021-27420 has a severity value of 5.3, which is considered medium.

• How do I fix CVE-2021-27420?

  To fix CVE-2021-27420, update your GE UR firmware version to 8.1x or later.

• Where can I find more information about CVE-2021-27420?

  You can find more information about CVE-2021-27420 at the following references: [link1](https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02) and [link2](https://www.gegridsolutions.com/Passport/Login.aspx).