Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-20601
HistoryNov 23, 2021 - 3:15 p.m.

CVE-2021-20601

2021-11-2315:15:07
CWE-20
[email protected]
web.nvd.nist.gov
29
cve-2021-20601
input validation
vulnerability
remote attack
got2000 series
unauthenticated
malicious packet
system malfunction

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Improper input validation vulnerability in GOT2000 series GT27 model all versions, GOT2000 series GT25 model all versions, GOT2000 series GT23 model all versions, GOT2000 series GT21 model all versions, GOT SIMPLE series GS21 model all versions, and GT SoftGOT2000 all versions allows an remote unauthenticated attacker to write a value that exceeds the configured input range limit by sending a malicious packet to rewrite the device value. As a result, the system operation may be affected, such as malfunction.

Affected configurations

NVD
Node
mitsubishielectricgt_softgot2000Match-
Node
mitsubishielectricgot_simple_gs2110-wtbd_firmwareMatch-
AND
mitsubishielectricgot_simple_gs2110-wtbdMatch-
Node
mitsubishielectricgot_simple_gs2107-wtbd_firmwareMatch-
AND
mitsubishielectricgot_simple_gs2107-wtbdMatch-
Node
mitsubishielectricgot2000_gt2104-rtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2104-rtbdMatch-
Node
mitsubishielectricgot2000_gt2103-pmbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2103-pmbdMatch-
Node
mitsubishielectricgot2000_gt2103-pmbds_firmwareMatch-
AND
mitsubishielectricgot2000_gt2103-pmbdsMatch-
Node
mitsubishielectricgot2000_gt2103-pmbds2_firmwareMatch-
AND
mitsubishielectricgot2000_gt2103-pmbds2Match-
Node
mitsubishielectricgot2000_gt2103-pmbls_firmwareMatch-
AND
mitsubishielectricgot2000_gt2103-pmblsMatch-
Node
mitsubishielectricgot2000_gt2107-wtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2107-wtbdMatch-
Node
mitsubishielectricgot2000_gt2310-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2310-vtbaMatch-
Node
mitsubishielectricgot2000_gt2310-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2310-vtbdMatch-
Node
mitsubishielectricgot2000_gt2308-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2308-vtbdMatch-
Node
mitsubishielectricgot2000_gt2308-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2308-vtbaMatch-
Node
mitsubishielectricgot2000_gt2507t-wtsd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2507t-wtsdMatch-
Node
mitsubishielectricgot2000_gt2507-wtsd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2507-wtsdMatch-
Node
mitsubishielectricgot2000_gt2507-wtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2507-wtbdMatch-
Node
mitsubishielectricgot2000_gt2512-wxtsd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2512-wxtsdMatch-
Node
mitsubishielectricgot2000_gt2510-wxtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-wxtbdMatch-
Node
mitsubishielectricgot2000_gt2510-wxtsd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-wxtsdMatch-
Node
mitsubishielectricgot2000_gt2512-wxtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2512-wxtbdMatch-
Node
mitsubishielectricgot2000_gt2505hs-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2505hs-vtbdMatch-
Node
mitsubishielectricgot2000_gt2506hs-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2506hs-vtbdMatch-
Node
mitsubishielectricgot2000_gt2512-stba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2512-stbaMatch-
Node
mitsubishielectricgot2000_gt2512-stbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2512-stbdMatch-
Node
mitsubishielectricgot2000_gt2510-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-vtbaMatch-
Node
mitsubishielectricgot2000_gt2510-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-vtbdMatch-
Node
mitsubishielectricgot2000_gt2510-vtwa_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-vtwaMatch-
Node
mitsubishielectricgot2000_gt2510-vtwd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2510-vtwdMatch-
Node
mitsubishielectricgot2000_gt2508-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2508-vtbaMatch-
Node
mitsubishielectricgot2000_gt2508-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2508-vtbdMatch-
Node
mitsubishielectricgot2000_gt2508-vtwa_firmwareMatch-
AND
mitsubishielectricgot2000_gt2508-vtwaMatch-
Node
mitsubishielectricgot2000_gt2508-vtwd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2508-vtwdMatch-
Node
mitsubishielectricgot2000_gt2505-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2505-vtbdMatch-
Node
mitsubishielectricgot2000_gt2705-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2705-vtbdMatch-
Node
mitsubishielectricgot2000_gt2708-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2708-vtbdMatch-
Node
mitsubishielectricgot2000_gt2708-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2708-vtbaMatch-
Node
mitsubishielectricgot2000_gt2708-stba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2708-stbaMatch-
Node
mitsubishielectricgot2000_gt2708-stbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2708-stbdMatch-
Node
mitsubishielectricgot2000_gt2710-stba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-stbaMatch-
Node
mitsubishielectricgot2000_gt2710-stbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-stbdMatch-
Node
mitsubishielectricgot2000_gt2710-vtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-vtbaMatch-
Node
mitsubishielectricgot2000_gt2710-vtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-vtbdMatch-
Node
mitsubishielectricgot2000_gt2710-vtwa_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-vtwaMatch-
Node
mitsubishielectricgot2000_gt2710-vtwd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2710-vtwdMatch-
Node
mitsubishielectricgot2000_gt2712-stwd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2712-stwdMatch-
Node
mitsubishielectricgot2000_gt2712-stwa_firmwareMatch-
AND
mitsubishielectricgot2000_gt2712-stwaMatch-
Node
mitsubishielectricgot2000_gt2712-stba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2712-stbaMatch-
Node
mitsubishielectricgot2000_gt2712-stbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2712-stbdMatch-
Node
mitsubishielectricgot2000_gt2715-xtbd_firmwareMatch-
AND
mitsubishielectricgot2000_gt2715-xtbdMatch-
Node
mitsubishielectricgot2000_gt2715-xtba_firmwareMatch-
AND
mitsubishielectricgot2000_gt2715-xtbaMatch-

CNA Affected

[
  {
    "product": "GOT2000 series GT27 model; GOT2000 series GT25 model; GOT2000 series GT23 model; GOT2000 series GT21 model; GOT SIMPLE series GS21 model; GT SoftGOT2000",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
nessus 1
ics 1
cvelist
cvelist
CVE-2021-20601
2021-11-23 14:42:53
prion
prion
Input validation
2021-11-23 15:15:00
nvd
nvd
CVE-2021-20601
2021-11-23 15:15:07
nessus
nessus
Mitsubishi Electric GOT products (CVE-2021-20601)
2022-02-07 00:00:00
ics
ics
Mitsubishi Electric GOT products
2021-11-16 12:00:00

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:C/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON
Related for CVE-2021-20601
cvelist1prion1nvd1nessus1ics1