Rewterz Threat Advisory – ICS: Schneider Electric SESU Vulnerability
December 3, 2021Rewterz Threat Advisory – ICS: Multiple Hitachi Energy Vulnerabilities
December 3, 2021Rewterz Threat Advisory – ICS: Schneider Electric SESU Vulnerability
December 3, 2021Rewterz Threat Advisory – ICS: Multiple Hitachi Energy Vulnerabilities
December 3, 2021Severity
High
Analysis Summary
CVE-2021-36198
Johnson Controls Entrapass could allow a remote attacker to obtain sensitive information, caused by an unspecified flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Affected Vendors
- Johnson Controls
Affected Products
- Entrapass: All versions prior to 8.40
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.