First published: Thu Jan 05 2023(Updated: )
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*
Credit: cybersecurity@hitachienergy.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachienergy Foxman-un | =r9c | |
Hitachienergy Foxman-un | =r10c | |
Hitachienergy Foxman-un | =r11a | |
Hitachienergy Foxman-un | =r11b | |
Hitachienergy Foxman-un | =r14a | |
Hitachienergy Foxman-un | =r14b | |
Hitachienergy Foxman-un | =r15a | |
Hitachienergy Foxman-un | =r15b | |
Hitachienergy Foxman-un | =r16a | |
Hitachienergy Unem | =r9c | |
Hitachienergy Unem | =r10c | |
Hitachienergy Unem | =r11a | |
Hitachienergy Unem | =r11b | |
Hitachienergy Unem | =r14a | |
Hitachienergy Unem | =r14b | |
Hitachienergy Unem | =r15a | |
Hitachienergy Unem | =r15b | |
Hitachienergy Unem | =r16a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-40341 is a vulnerability where the DES cipher with inadequate encryption strength is used in Hitachi Energy FOXMAN-UN to encrypt user credentials, making sensitive information easily decrypted.
The severity of CVE-2021-40341 is high, with a severity value of 5.5.
CVE-2021-40341 affects Hitachi Energy FOXMAN-UN versions: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, and FOXMAN-UN R9C.
Successful exploitation of CVE-2021-40341 allows an attacker to easily decrypt sensitive information by exploiting the inadequate encryption strength of the DES cipher.
Yes, you can find more information about CVE-2021-40341 at the following references: [Reference 1](https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch) and [Reference 2](https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084&LanguageCode=en&DocumentPartId=&Action=Launch).