Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
12 May 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
References | (CONFIRM) https://jvn.jp/vu/JVNVU97615777/index.html - Mitigation, Third Party Advisory | |
References | (CONFIRM) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf - Mitigation, Vendor Advisory |
02 Aug 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used. |
Information
Published : 2021-04-22 19:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-20590
Mitre link : CVE-2021-20590
CVE.ORG link : CVE-2021-20590
JSON object : View
Products Affected
mitsubishielectric
- gs2110-wtbd-n
- gt2107-wtsd_firmware
- got2000_gt25_firmware
- gs2110-wtbd-n_firmware
- gt2107-wtbd_firmware
- got2000_gt27_firmware
- gt2107-wtbd
- got2000_gt25
- gs2107-wtbd-n_firmware
- gs2107-wtbd-n
- gt2107-wtsd
- got2000_gt27
CWE
CWE-287
Improper Authentication