← voltar
CVE-2021-27503

CVE-2021-27503

EPSS 0.6%CWE-798
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 ago 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application encrypts on the application layer of the communication protocol between the Ypsomed mylife App and mylife Cloud credentials based on hard-coded secrets, which allows man-in-the-middle attackers to tamper with messages.
Produtos afetados
n/a · Ypsomed mylife Cloud, mylife Mobile Application

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01