CVE-2021-20590 — HIGH (7.5)

Q: How severe is CVE-2021-20590?

CVE-2021-20590 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-20590?

Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Got2000 Gt27 Firmware, Mitsubishielectric Got2000 Gt27, Mitsubishielectric Got2000 Gt25 Firmware, Mitsubishielectric Got2000 Gt25, Mitsubishielectric Gt2107-Wtbd Firmware.

Vulnerability Description

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Mitsubishielectric	Got2000 Gt27 Firmware	<= 01.39.010
Mitsubishielectric	Got2000 Gt27	-
Mitsubishielectric	Got2000 Gt25 Firmware	<= 01.39.010
Mitsubishielectric	Got2000 Gt25	-
Mitsubishielectric	Gt2107-Wtbd Firmware	<= 01.40.000
Mitsubishielectric	Gt2107-Wtbd	-
Mitsubishielectric	Gt2107-Wtsd Firmware	<= 01.40.000
Mitsubishielectric	Gt2107-Wtsd	-
Mitsubishielectric	Gs2110-Wtbd-N Firmware	<= 01.40.000
Mitsubishielectric	Gs2110-Wtbd-N	-
Mitsubishielectric	Gs2107-Wtbd-N Firmware	<= 01.40.000
Mitsubishielectric	Gs2107-Wtbd-N	-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2021-20590?

CVE-2021-20590 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model...

How severe is CVE-2021-20590?

CVE-2021-20590 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-20590?

Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Got2000 Gt27 Firmware, Mitsubishielectric Got2000 Gt27, Mitsubishielectric Got2000 Gt25 Firmware, Mitsubishielectric Got2000 Gt25, Mitsubishielectric Gt2107-Wtbd Firmware.