Cyber Resilience

CVE-2021-41552

High

Published: 15 February 2022

Published
15 February 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0126 79.8th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-41552 is a high-severity Command Injection (CWE-77) vulnerability in Commscope Arris Surfboard Sbg6950Ac2 Firmware. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 20.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

commscope
arris surfboard sbg6950ac2 firmware
9.1.103aa23
commscope
arris surfboard sbg7400ac2 firmware
all versions
commscope
arris surfboard sbg7580ac firmware
all versions
commscope
arris surfboard sbg7600ac2 firmware
all versions
commscope
arris surfboard sbg10 firmware
all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References