CVE-2021-20590
First published: Thu Apr 22 2021(Updated: )
Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishielectric Got2000 Gt27 Firmware | <=01.39.010 | |
| Mitsubishielectric Got2000 Gt27 | ||
| Mitsubishielectric Got2000 Gt25 Firmware | <=01.39.010 | |
| Mitsubishielectric Got2000 Gt25 | ||
| Mitsubishielectric Gt2107-wtbd Firmware | <=01.40.000 | |
| Mitsubishielectric Gt2107-wtbd | ||
| Mitsubishielectric Gt2107-wtsd Firmware | <=01.40.000 | |
| Mitsubishielectric Gt2107-wtsd | ||
| Mitsubishielectric Gs2110-wtbd-n Firmware | <=01.40.000 | |
| Mitsubishielectric Gs2110-wtbd-n | ||
| Mitsubishielectric Gs2107-wtbd-n Firmware | <=01.40.000 | |
| Mitsubishielectric Gs2107-wtbd-n |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-20590?
CVE-2021-20590 has a medium severity rating due to improper authentication that could allow unauthorized access.
How do I fix CVE-2021-20590?
To address CVE-2021-20590, it is recommended to update the firmware of affected GOT2000 series models to the latest version.
Which versions are affected by CVE-2021-20590?
CVE-2021-20590 affects GOT2000 series GT27, GT25, and GT21 models with specific firmware versions 01.39.010 or earlier and 01.40.000 or earlier.
What kind of devices are impacted by CVE-2021-20590?
CVE-2021-20590 impacts Mitsubishi Electric GOT2000 series devices, specifically models GT27, GT25, GT2107-WTBD, and GT2107-WTSD.
Is CVE-2021-20590 easily exploitable?
Yes, CVE-2021-20590 is considered to be easily exploitable due to the improper authentication vulnerability.
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/mitsubishielectric
- canonical/mitsubishielectric got2000 gt27 firmware
- version/mitsubishielectric got2000 gt27 firmware/01.39.010
- canonical/mitsubishielectric got2000 gt27
- canonical/mitsubishielectric got2000 gt25 firmware
- version/mitsubishielectric got2000 gt25 firmware/01.39.010
- canonical/mitsubishielectric got2000 gt25
- canonical/mitsubishielectric gt2107-wtbd firmware
- version/mitsubishielectric gt2107-wtbd firmware/01.40.000
- canonical/mitsubishielectric gt2107-wtbd
- canonical/mitsubishielectric gt2107-wtsd firmware
- version/mitsubishielectric gt2107-wtsd firmware/01.40.000
- canonical/mitsubishielectric gt2107-wtsd
- canonical/mitsubishielectric gs2110-wtbd-n firmware
- version/mitsubishielectric gs2110-wtbd-n firmware/01.40.000
- canonical/mitsubishielectric gs2110-wtbd-n
- canonical/mitsubishielectric gs2107-wtbd-n firmware
- version/mitsubishielectric gs2107-wtbd-n firmware/01.40.000
- canonical/mitsubishielectric gs2107-wtbd-n