SSH activation problem in the proprietary management protocol (port TCP 5558)
CVE-2021-40334

8.6HIGH

Key Information:

Vendor: Hitachi
Status: Fox61x; Xcm20
Vendor: CVE Published:; 2 December 2021

Summary

Missing Handler vulnerability in the proprietary management protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x versions prior to R15A. Hitachi Energy XCM20 versions prior to R15A.

Affected Version(s)

FOX61x R15A

XCM20 R15A

References

https://search.abb.com/library/Download.aspx?DocumentID=8...

x_refsource_CONFIRM

https://search.abb.com/library/Download.aspx?DocumentID=8...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 2, 2021
Vulnerability Reserved
Aug 31, 2021

Collectors

NVD DatabaseMitre Database