CVE-2021-27454
HIGHGE Reason DR60 Firmware < 02a04.1 - Improper Privilege Management
Title source: llmDescription
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
14.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-250
Status
published
Products (1)
ge/reason_dr60_firmware
< 02a04.1
Published
Mar 25, 2021
Tracked Since
Feb 18, 2026