Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-20592
HistoryAug 05, 2021 - 9:15 p.m.

CVE-2021-20592

2021-08-0521:15:10
CWE-662
[email protected]
web.nvd.nist.gov
52
cve
vulnerability
synchronization
gt27
gt25
gt23
communication driver
modbus/tcp
dos
remote attacker
unauthenticated
modbus
tcp
communication port
nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting and disconnecting to and from the MODBUS/TCP communication port on a target. Restart or reset is required to recover.

Affected configurations

NVD
Node
mitsubishielectricgt_softgot2000Range1.170c1.256s
Node
mitsubishielectricgot2000_gt27_firmwareRange01.19.00001.39.010
AND
mitsubishielectricgot2000_gt27Match-
Node
mitsubishielectricgot2000_gt25_firmwareRange01.19.00001.39.010
AND
mitsubishielectricgot2000_gt25Match-
Node
mitsubishielectricgot2000_gt23_firmwareRange01.19.00001.39.010
AND
mitsubishielectricgot2000_gt23Match-

CNA Affected

[
  {
    "product": "GOT2000 series GT27 model; GT25 model; GT23 model; GT SoftGOT2000",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "communication driver versions 01.19.000 through 01.39.010"
      },
      {
        "status": "affected",
        "version": "versions 1.170C through 1.256S"
      }
    ]
  }
]

Related

ics 1
prion 1
nessus 1
cvelist 1
nvd 1
ics
ics
Mitsubishi Electric GOT2000 series and GT SoftGOT2000
2021-07-27 12:00:00
prion
prion
Design/Logic Flaw
2021-08-05 21:15:00
nessus
nessus
Mitsubishi Electric GOT2000 series and GT SoftGOT2000 (CVE-2021-20592)
2022-02-07 00:00:00
cvelist
cvelist
CVE-2021-20592
2021-08-05 20:46:50
nvd
nvd
CVE-2021-20592
2021-08-05 21:15:10

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

64.8%

JSON
Related for CVE-2021-20592
ics1prion1nessus1cvelist1nvd1