ZIV AUTOMATION 4CCT vulnerable to improper authentication
CVE-2021-25910

8HIGH

Key Information:

Vendor: Ziv Automation
Status: 4cct-ea6-334126bf
Vendor: CVE Published:; 29 January 2021

🔔 Create Ziv Automation Vulnerability Alert

What is CVE-2021-25910?

Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

4CCT-EA6-334126BF 3.23.77.8.33251

References

https://www.incibe-cert.es/en/early-warning/ics-advisorie...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 29, 2021
Vulnerability Reserved
Jan 22, 2021

Credit

Industrial Cybersecurity team of S21Sec, special mention to Aarón Flecha Menéndez

JSON

Ziv Automation

What is CVE-2021-25910?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.