PT-2021-23615 · Emerson · Wirelesshart Gateway+2

Amir Preminger

·

Published

2021-10-22

·

Updated

2021-10-27

·

CVE-2021-42536

CVSS v3.1

8.0

High

VectorAV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Product (affected versions not specified)
Description The issue allows all users access to read global variables, resulting in the disclosure of peer username and password.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-668

Related Identifiers

CVE-2021-42536

Affected Products

Wirelesshart Gateway
Wireless 1410D Gateway Firmware
Wireless 1420 Gateway Firmware