First published: Thu Jan 05 2023(Updated: )
In the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker to obtain sensitive information and gain access to the network elements that are managed by the affected products versions. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*
Credit: cybersecurity@hitachienergy.com cybersecurity@hitachienergy.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachienergy Foxman-un | =r9c | |
Hitachienergy Foxman-un | =r10c | |
Hitachienergy Foxman-un | =r11a | |
Hitachienergy Foxman-un | =r11b | |
Hitachienergy Foxman-un | =r14a | |
Hitachienergy Foxman-un | =r14b | |
Hitachienergy Foxman-un | =r15a | |
Hitachienergy Foxman-un | =r15b | |
Hitachienergy Foxman-un | =r16a | |
Hitachienergy Unem | =r9c | |
Hitachienergy Unem | =r10c | |
Hitachienergy Unem | =r11a | |
Hitachienergy Unem | =r11b | |
Hitachienergy Unem | =r14a | |
Hitachienergy Unem | =r14b | |
Hitachienergy Unem | =r15a | |
Hitachienergy Unem | =r15b | |
Hitachienergy Unem | =r16a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-40342.
CVE-2021-40342 has a severity rating of 9.8, which is considered critical.
The affected products include FOXMAN-UN product versions r9c, r10c, r11a, r11b, r14a, r14b, r15a, r15b, and r16a.
Successful exploitation of CVE-2021-40342 allows an attacker to obtain sensitive information and gain access to the network elements managed by the affected products.
Yes, you can find references for CVE-2021-40342 [here](https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch) and [here](https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084&LanguageCode=en&DocumentPartId=&Action=Launch).