CVE-2021-20590

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt27_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt27:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt25_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt25:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:gt2107-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2107-wtbd:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:gt2107-wtsd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2107-wtsd:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:gs2110-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2110-wtbd-n:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:gs2107-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2107-wtbd-n:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:29

Type Values Removed Values Added
References (CONFIRM) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf - Mitigation, Vendor Advisory () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf -
References (CONFIRM) https://jvn.jp/vu/JVNVU97615777/index.html - Mitigation, Third Party Advisory () https://jvn.jp/vu/JVNVU97615777/index.html -

Information

Published : 2021-04-22 19:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-20590

Mitre link : CVE-2021-20590

CVE.ORG link : CVE-2021-20590


JSON object : View

Products Affected

mitsubishielectric

  • gs2110-wtbd-n
  • got2000_gt25
  • got2000_gt27_firmware
  • got2000_gt25_firmware
  • gt2107-wtsd_firmware
  • got2000_gt27
  • gs2110-wtbd-n_firmware
  • gs2107-wtbd-n_firmware
  • gs2107-wtbd-n
  • gt2107-wtbd_firmware
  • gt2107-wtsd
  • gt2107-wtbd
CWE
CWE-287

Improper Authentication