CVE-2021-20592
First published: Thu Aug 05 2021(Updated: )
Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting and disconnecting to and from the MODBUS/TCP communication port on a target. Restart or reset is required to recover.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishielectric Gt Softgot2000 | >=1.170c<=1.256s | |
| Mitsubishielectric Got2000 Gt27 Firmware | >=01.19.000<=01.39.010 | |
| Mitsubishielectric Got2000 Gt27 | ||
| Mitsubishielectric Got2000 Gt25 Firmware | >=01.19.000<=01.39.010 | |
| Mitsubishielectric Got2000 Gt25 | ||
| Mitsubishielectric Got2000 Gt23 Firmware | >=01.19.000<=01.39.010 | |
| Mitsubishielectric Got2000 Gt23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2021-20592.
What is the severity score of CVE-2021-20592?
CVE-2021-20592 has a severity score of 7.5 (high).
Which software versions are affected by CVE-2021-20592?
CVE-2021-20592 affects the following software versions: GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010, GT23 model communication driver versions 01.19.000 through 01.39.010, and GT SoftGOT2000 versions 1.170c through 1.256s.
Is Mitsubishielectric Got2000 Gt27 vulnerable to CVE-2021-20592?
No, Mitsubishielectric Got2000 Gt27 is not vulnerable to CVE-2021-20592.
How can I fix CVE-2021-20592?
To fix CVE-2021-20592, it is recommended to update to the latest firmware or software version provided by Mitsubishi Electric.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/softwarecombine
- agent/description
- agent/event
- agent/first-publish-date
- vendor/mitsubishielectric
- canonical/mitsubishielectric gt softgot2000
- version/mitsubishielectric gt softgot2000/1.170c
- version/mitsubishielectric gt softgot2000/1.256s
- canonical/mitsubishielectric got2000 gt27 firmware
- version/mitsubishielectric got2000 gt27 firmware/01.19.000
- version/mitsubishielectric got2000 gt27 firmware/01.39.010
- canonical/mitsubishielectric got2000 gt27
- canonical/mitsubishielectric got2000 gt25 firmware
- version/mitsubishielectric got2000 gt25 firmware/01.19.000
- version/mitsubishielectric got2000 gt25 firmware/01.39.010
- canonical/mitsubishielectric got2000 gt25
- canonical/mitsubishielectric got2000 gt23 firmware
- version/mitsubishielectric got2000 gt23 firmware/01.19.000
- version/mitsubishielectric got2000 gt23 firmware/01.39.010
- canonical/mitsubishielectric got2000 gt23