Vulnerability: Inability to Disable Factory Mode in GE UR IED Firmware Versions Prior to 8.1x

Vulnerability: Inability to Disable Factory Mode in GE UR IED Firmware Versions Prior to 8.1x

CVE-2021-27426 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.

Learn more about our User Device Pen Test.