Details of VAR-202103-1789

ID

VAR-202103-1789

TITLE

Huafu Kaiwu controX has a denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-07491

DESCRIPTION

The controX (Huafu Kaiwu) series of industrial configuration software is a cross-platform general-purpose operating system for the next generation of operating systems developed by Beijing Huafu Yuanke Technology Co., Ltd. after years of development in full integration of user needs and the latest development direction in the field of industrial automation Configuration platform software products. Huafu Kaiwu controX has a denial of service vulnerability. Attackers can use this vulnerability to cause the program to crash.

Trust: 0.6

sources: CNVD: CNVD-2021-07491

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-07491

AFFECTED PRODUCTS

vendor:

huafu yuanke

model:

controx

scope:

version:

3.0.18

Trust: 0.6

sources: CNVD: CNVD-2021-07491

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-07491
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-07491
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-07491

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-07491

Trust: 0.6

sources: CNVD: CNVD-2021-07491

SOURCES

db:

CNVD

id:

CNVD-2021-07491

LAST UPDATE DATE

2022-05-04T09:21:24.720000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-07491

date:

2021-02-03T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-07491

date:

2021-03-01T00:00:00