nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_MITSUBISHI_CVE-2021-20592.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Mitsubishi Electric GOT2000 series and GT SoftGOT2000 (CVE-2021-20592)

2022-02-0700:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com

0.002 Low

EPSS

Percentile

64.8%

A missing-synchronization vulnerability in the GOT2000 series GT27, GT25 and GT23 model communication drivers (versions 01.19.000 through 01.39.010 for each model) and in GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting to and disconnecting from the MODBUS/TCP communication port on a target. A restart or reset is required to recover.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

# Metadata registration branch: when `description` is set, the plugin only
# declares its identity, advisory text, scoring and prerequisites, then exits
# via exit(0) at the end of the block, so none of the check logic after this
# block runs in this mode.
if (description)
{
  script_id(500515);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/13");

  script_cve_id("CVE-2021-20592");

  script_name(english:"Mitsubishi Electric GOT2000 series and GT SoftGOT2000 (CVE-2021-20592)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  # NOTE(review): the advisory text below also names GT SoftGOT2000
  # (1.170C through 1.256S), but the "cpe" attributes and the version table
  # used by the check list only the three GOT2000 firmware CPEs. A clean result
  # from this plugin therefore says nothing about SoftGOT2000 installations.
  script_set_attribute(attribute:"description", value:
"Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through
01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver
versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated
attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly
connecting and disconnecting to and from the MODBUS/TCP communication port on a target. Restart or reset is required to
recover.  

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more
information.");
  # https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-007_en.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?46a44361");
  script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU92414172/index.html");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-21-208-02");
  # NOTE(review): the GT SoftGOT2000 fix version in the text below is written
  # "1.26W", which does not match the format of the other version strings in
  # this plugin (1.170C, 1.256S, 1.260W). It looks like a transcription slip;
  # confirm the fixed version against the vendor advisory before relying on it.
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Mitsubishi Electric recommends users upgrade to the following versions:

- GOT2000 models GT27, GT25, GT23: Update communication driver to version 01.40.000 or later (Fixed communication driver
is included in GT Designer3 Version1(GOT2000) Version 1.260W or later)
- GT SoftGOT2000: Update to Version 1.26W or later

For specific update instructions and additional details see the Mitsubishi Electric advisory.

Mitsubishi Electric recommends users take the following mitigations to minimize the risk of this vulnerability:

- When connecting the products to the Internet, use a firewall or virtual private network (VPN), etc. to prevent
unauthorized access.
- Use the products within the LAN and block access from untrusted networks and hosts.
- Install antivirus software on your computer that can access the product.");
  # Both base vectors encode a network-reachable issue that needs no
  # authentication and affects availability only (C:N/I:N, A:C in v2 and A:H
  # in v3). The temporal vectors record an unproven exploit and an official fix.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-20592");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # CWE-662: Improper Synchronization.
  script_cwe_id(662);

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/08/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  # Declared as a "remote" plugin in the information-gathering category. The
  # check logic visible in this file only compares asset version data against
  # a range and does not open MODBUS/TCP connections itself.
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:got2000_gt27_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:got2000_gt25_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:got2000_gt23_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Prerequisites: the plugin depends on the Tenable.ot API integration script
  # and requires the "Tenable.ot/Mitsubishi" KB key. Presumably that key is set
  # by the integration script when a Mitsubishi asset is known (TODO confirm).
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Mitsubishi");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

# Stop here unless the knowledge base carries the Tenable.ot Mitsubishi key.
get_kb_item_or_exit('Tenable.ot/Mitsubishi');

# Affected ranges, keyed by firmware CPE. Each of the three GOT2000 models
# (GT27, GT25, GT23) uses the same inclusive range, 01.19.000 through 01.39.010.
#
# NOTE(review): the advisory text for this CVE also lists GT SoftGOT2000
# (1.170C through 1.256S), but no entry for it exists here, so SoftGOT2000
# installations are not evaluated by this check and need separate verification.
#
# NOTE(review): the advisory states the range in terms of the *communication
# driver* version, while the keys are *_firmware CPEs. Presumably the version
# Tenable.ot reports for the asset is the communication driver version; confirm
# this, because a mismatch would produce false negatives or false positives.
var affected_cpes = {
    "cpe:/o:mitsubishielectric:got2000_gt27_firmware" : {
        "versionEndIncluding"   : "01.39.010",
        "versionStartIncluding" : "01.19.000",
        "family"                : "Mitsubishi"
    },
    "cpe:/o:mitsubishielectric:got2000_gt25_firmware" : {
        "versionEndIncluding"   : "01.39.010",
        "versionStartIncluding" : "01.19.000",
        "family"                : "Mitsubishi"
    },
    "cpe:/o:mitsubishielectric:got2000_gt23_firmware" : {
        "versionEndIncluding"   : "01.39.010",
        "versionStartIncluding" : "01.19.000",
        "family"                : "Mitsubishi"
    }
};

# Fetch the Mitsubishi asset record supplied by the Tenable.ot integration.
var ot_asset = tenable_ot::assets::get(vendor:'Mitsubishi');

# Pass the asset and the range table to the shared helper, with findings
# reported at SECURITY_HOLE severity. The result comes from the asset data
# and the table above, not from exercising the MODBUS/TCP port.
tenable_ot::cve::compare_and_report(asset:ot_asset, cpes:affected_cpes, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mitsubishielectric | got2000_gt27_firmware | - | cpe:/o:mitsubishielectric:got2000_gt27_firmware |
| mitsubishielectric | got2000_gt25_firmware | - | cpe:/o:mitsubishielectric:got2000_gt25_firmware |
| mitsubishielectric | got2000_gt23_firmware | - | cpe:/o:mitsubishielectric:got2000_gt23_firmware |

0.002 Low

EPSS

Percentile

64.8%
