← back
CVE-2021-34576

Observable discrepancy in Kaden PICOFLUX AiR leaks water consumption

CVSS 4.3 MEDIUMEPSS 0.4%CWE-203
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Sep 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Kaden PICOFLUX Air in all known versions an information exposure through observable discrepancy exists. This may give sensitive information (water consumption without distinct values) to third parties.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Kaden · PICOFLUX AiR

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.fit.vutbr.cz/~polcak/CVE-2021-34576.en