PT-2021-14122 · Unknown · Solarview Compact Sv-Cpt-Mc310

Ramuel Gall

Published

2021-02-24

Updated

2021-03-01

CVE-2021-20662

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5

Description: The issue is related to missing authentication for a critical function, allowing an attacker to alter setting information without access privileges via unspecified vectors.

Recommendations: For SolarView Compact SV-CPT-MC310 versions prior to Ver.6.5, update to Ver.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the critical function to minimize the risk of exploitation.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2021-20662

Affected Products

Solarview Compact Sv-Cpt-Mc310

PT-2021-14122 · Unknown · Solarview Compact Sv-Cpt-Mc310

CVE-2021-20662

Weakness Enumeration

Related Identifiers

Affected Products

References · 7