CVE-2021-33017
HIGHPhilips IntelliBridge EC40 and EC80 Firmware < c.00.04 - Unauthenticated Authentication Bypass via Alternate Path
Title source: llmDescription
The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01
Scores
CVSS v3
8.1
EPSS
0.0045
EPSS Percentile
35.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-288
Status
published
Products (2)
philips/intellibridge_ec40_firmware
< c.00.04
philips/intellibridge_ec80_firmware
< c.00.04
Published
Dec 27, 2021
Tracked Since
Feb 18, 2026