CVE-2021-20590

Description

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.

References

Link	Tags
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf
https://jvn.jp/vu/JVNVU97615777/index.html

Frequently Asked Questions

What is the severity of CVE-2021-20590?: CVE-2021-20590 has been scored as a high severity vulnerability.
How to fix CVE-2021-20590?: To fix CVE-2021-20590, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-20590 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-20590 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-20590?: CVE-2021-20590 affects n/a GOT2000 series GT27 model, n/a GOT2000 series GT25 model, n/a GOT2000 series GT21 model GT2107-WTBD, n/a GOT2000 series GT21 model GT2107-WTSD, n/a GOT SIMPLE series GS21 model GS2110-WTBD-N, n/a GOT SIMPLE series GS21 model GS2107-WTBD-N.

Description

Category

CWE-287 – Improper Authentication

References

Frequently Asked Questions