CVE-2021-26726 : A remote code execution vulnerability affecting a Valmet DNA service listening o

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

Published 2022-02-16 16:15:08

Updated 2023-06-30 21:23:47

Source Nozomi Networks Inc.

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2021-26726

Valmet » DNA
Versions from including (>=) 2012 and up to, including, (<=) 2021
cpe:2.3:a:valmet:dna:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-26726

EPSS FAQ

1.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-26726

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.3	HIGH	AV:A/AC:L/Au:N/C:C/I:C/A:C	6.5	10.0	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	Nozomi Networks Inc.
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-26726

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: prodsec@nozominetworks.com (Secondary)
CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

Assigned by: prodsec@nozominetworks.com (Secondary)
CWE-272 Least Privilege Violation

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

Assigned by: prodsec@nozominetworks.com (Secondary)
CWE-305 Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

Assigned by: prodsec@nozominetworks.com (Secondary)
CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

Assigned by: nvd@nist.gov (Primary)
CWE-330 Use of Insufficiently Random Values

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-26726

https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/

Security advisories
Vendor Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/

Valmet DNA remote code execution - CVE-2021-26726
Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-26726

Products affected by CVE-2021-26726

Exploit prediction scoring system (EPSS) score for CVE-2021-26726

CVSS scores for CVE-2021-26726

CWE ids for CVE-2021-26726

References for CVE-2021-26726