CVE-2021-20999 WEIDMUELLER: Accidentally open network port in u-controls and IoT-Gateways

🗓️ 13 May 2021 13:45:25Reported by CERTVDEType

Accidental exposure of internal network port in Weidmüller u-controls and IoT-Gateway

Reporter	Title	Published	Views	Family All 7
CNNVD	Weidmuller UC20-WL2000-AC 安全漏洞	13 May 202100:00	–	cnnvd
CVE	CVE-2021-20999	13 May 202113:45	–	cve
EUVD	EUVD-2021-8408	3 Oct 202520:07	–	euvd
NVD	CVE-2021-20999	13 May 202114:15	–	nvd
OSV	CVE-2021-20999	13 May 202114:15	–	osv
Prion	Spoofing	13 May 202114:15	–	prion
Positive Technologies	PT-2021-14328 · Weidmüller · Iot-Gateways +1	13 May 202100:00	–	ptsecurity

[
  {
    "product": "UC20-WL2000-AC (No. 1334950000)",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "1.9.0",
        "status": "affected",
        "version": "1.3.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.10.2",
        "status": "affected",
        "version": "1.10.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.12.1",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "UC20-WL2000-IOT (No. 1334990000)",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "1.9.0",
        "status": "affected",
        "version": "1.3.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.10.2",
        "status": "affected",
        "version": "1.10.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.12.1",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "IOT-GW30 (No. 2682620000)",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "1.9.0",
        "status": "affected",
        "version": "1.3.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.10.2",
        "status": "affected",
        "version": "1.10.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.12.1",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "IOT-GW30-4G-EU (No. 2682630000)",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "1.9.0",
        "status": "affected",
        "version": "1.3.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.10.2",
        "status": "affected",
        "version": "1.10.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.12.1",
        "status": "affected",
        "version": "1.11.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2021-016

13 May 2021 13:45Current

9.5High risk

Vulners AI Score9.5

CVSS 3.19.4

EPSS0.00947

CWE-668