Vulnerability Description
M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8-E) versions prior to Ver3.0) allows remote authenticated attackers to bypass access restriction and conduct prohibited operations via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| M-System | Dl8-A Firmware | < 3.0.81 |
| M-System | Dl8-A | - |
| M-System | Dl8-B Firmware | < 3.0.77 |
| M-System | Dl8-B | - |
| M-System | Dl8-C Firmware | < 3.0.99 |
| M-System | Dl8-C | - |
| M-System | Dl8-D Firmware | < 3.0.91 |
| M-System | Dl8-D | - |
| M-System | Dl8-E Firmware | < 3.0.12 |
| M-System | Dl8-E | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN47497535/index.htmlThird Party Advisory
- https://www.m-system.co.jp/download_w/dl_dl8updaterE.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN47497535/index.htmlThird Party Advisory
- https://www.m-system.co.jp/download_w/dl_dl8updaterE.htmlVendor Advisory
FAQ
What is CVE-2021-20676?
CVE-2021-20676 is a vulnerability with a CVSS score of 4.3 (MEDIUM). M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8...
How severe is CVE-2021-20676?
CVE-2021-20676 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20676?
Check the references section above for vendor advisories and patch information. Affected products include: M-System Dl8-A Firmware, M-System Dl8-A, M-System Dl8-B Firmware, M-System Dl8-B, M-System Dl8-C Firmware.