CVE-2021-26726

Remote code execution in Valmet DNA before Collection 2021

CVSS 8.8 HIGHEPSS 1.1%CWE-209 CWE-272 CWE-305 CWE-78

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Valmet DNA · Valmet DNA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/