Bender Charge Controller: Unprotected data export
CVE-2021-34588

8.6HIGH

Key Information:

Vendor: Bender / Ebee
Status: Cc612; Cc613; Icc15xx; Icc16xx
Vendor: CVE Published:; 27 April 2022

🔔 Create Bender / Ebee Vulnerability Alert

What is CVE-2021-34588?

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot .

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CC612 5.11.x < 5.11.2

CC612 5.12.x < 5.12.5

CC612 5.13.x < 5.13.2

References

https://cert.vde.com/en/advisories/VDE-2021-047

x_refsource_CONFIRM

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 27, 2022
Vulnerability Reserved
Jun 10, 2021

Credit

Bender thanks the IT security researchers at OpenSource Security GmbH for their thorough and in-depth work. The issue was coordinated by CERT@VDE.

JSON

Bender / Ebee

What is CVE-2021-34588?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.