CVE-2021-20607

🗓️ 17 Dec 2021 16:10:28Reported by MitsubishiType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 57 Views

Integer Underflow vulnerability in Mitsubishi Electric software allows DoS via malicious project fil

Reporter	Title	Published	Views	Family All 9
CNNVD	Mitsubishi Electric FA Engineering Software 数字错误漏洞	16 Dec 202100:00	–	cnnvd
Cvelist	CVE-2021-20607	17 Dec 202116:10	–	cvelist
EUVD	EUVD-2021-8025	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric FA Engineering Software (Update B)	16 Dec 202100:00	–	ics
NVD	CVE-2021-20607	17 Dec 202117:15	–	nvd
Prion	Integer overflow	17 Dec 202117:15	–	prion
Positive Technologies	PT-2021-14075 · Mitsubishi · Melsoft Navigator +2	17 Dec 202100:00	–	ptsecurity
RedhatCVE	CVE-2021-20607	22 May 202519:07	–	redhatcve
Tenable Nessus	Mitsubishi (CVE-2021-20607) (deprecated)	7 Feb 202200:00	–	nessus

NVD

Node

mitsubishielectric ezsocketRange≤5.4

mitsubishielectric gx_works2Range≤1.606g

mitsubishielectric melsoft_navigator

[
  {
    "product": "Mitsubishi Electric GX Works2; Mitsubishi Electric MELSOFT Navigator; Mitsubishi Electric EZSocket",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Mitsubishi Electric GX Works2 versions 1.606G and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric EZSocket versions 5.4 and prior"
      }
    ]
  }
]

Source	Link
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-021_en.pdf
jvn	www.jvn.jp/vu/JVNVU93817405/index.html
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-21-350-05

21 Nov 2024 05:46Current

5.3Medium risk

Vulners AI Score5.3

CVSS 24.3

CVSS 3.15.5

EPSS0.00151

CWE-191