CVE Published: 23/03/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2021 Source: icscert |
Vendor: GE |
Product: UR family Status : PUBLISHED
CVE-2021-27426 Description
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.
Metrics
CVSS Version: 3.1 |
Base Score: 9.8 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H