CVE-2021-35530

User authentication bypass in TXpert Hub CoreTec 4

Severity Score

6.7

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an existing user password, and further gain authorized access into the system via login mechanism. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0 2.1.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.

Una vulnerabilidad en el mecanismo de autenticación y autorización de la aplicación TXpert Hub CoreTec 4 de Hitachi Energy, que depende de la comprobación del identificador de sesión, permite que sea ejecutado un mensaje modificado no autorizado en el servidor, lo que permite a un actor no autorizado cambiar una contraseña de usuario existente y, además, conseguir acceso autorizado al sistema por medio del mecanismo de inicio de sesión. Este problema afecta a: Hitachi Energy TXpert Hub CoreTec 4 versiones 2.0.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-06-28 CVE Reserved
2022-06-07 CVE Published
2023-12-29 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-288: Authentication Bypass Using an Alternate Path or Channel

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080&LanguageCode=en&DocumentPartId=&Action=Launch&utm_campaign=&utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03&utm_medium=email&utm_source=Eloqua	2023-06-26

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.0.0 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.0.0"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.0.1 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.0.1"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.1.0 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.1.0"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.1.1 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.1.1"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.1.2 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.1.2"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.1.3 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.1.3"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.2.0 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.2.0"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Firmware Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware"	2.2.1 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4 Firmware" and version "2.2.1"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Txpert Hub Coretec 4 Search vendor "Hitachienergy" for product "Txpert Hub Coretec 4"	-	-	Safe