CVE-2021-22276

MEDIUM6.1JSON export Create alert

Description

The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

Affected products

ABB / System Access Point2CKA006200A0156 – 2.6.3
ABB / System Access Point2CKA006200A0155 – 2.6.3
ABB / System Access Point2CKA006220A0240 – 2.6.3
ABB / System Access Point2CKA006220A0136 – 2.6.3
ABB / System Access Point2CKA006200A0130 – 2.6.3
ABB / System Access Point2CKA006200A0105 – 2.6.3
ABB / System Access Point2CKA006200A0071 – 2.6.3
Busch-Jaeger / System Access Point2CKA006220A0031 – 2.6.3
Busch-Jaeger / System Access Point2CKA006200A0154 – 2.6.3

References

MISChttps://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A6475&LanguageCode=en&DocumentPartId=&Action=Launch