CVE-2021-26726
HIGHValmet DNA 2012-2021 - Remote Code Execution via TCP Port 1517
Title source: llmDescription
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/
Vendor Advisory x_refsource_misc
https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/
Scores
CVSS v3
8.8
EPSS
0.0108
EPSS Percentile
60.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-209
CWE-272
CWE-330
CWE-78
CWE-305
Status
published
Products (1)
valmet/dna
2012 - 2021
Published
Feb 16, 2022
Tracked Since
Feb 18, 2026