Details of VAR-202103-1792

ID

VAR-202103-1792

TITLE

Huafu Kaiwu controX has an unauthorized access vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-07490

DESCRIPTION

The controX (Huafu Kaiwu) series of industrial configuration software is a cross-platform general-purpose operating system for the next generation of operating systems developed by Beijing Huafu Yuanke Technology Co., Ltd. after years of development in full integration of user needs and the latest development direction in the field of industrial automation Configuration platform software products. Huafu Kaiwu controX has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-07490

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-07490

AFFECTED PRODUCTS

vendor:

huafu yuanke

model:

controx

scope:

version:

3.0.18

Trust: 0.6

sources: CNVD: CNVD-2021-07490

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-07490
value:	LOW
Trust: 0.6

CNVD:	CNVD-2021-07490
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-07490

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-07490

Trust: 0.6

sources: CNVD: CNVD-2021-07490

SOURCES

db:

CNVD

id:

CNVD-2021-07490

LAST UPDATE DATE

2022-05-04T10:14:49.035000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-07490

date:

2021-02-03T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-07490

date:

2021-03-01T00:00:00