CVE-2021-20592

HIGH

MODBUS/TCP - DoS

Title source: llm

Description

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting and disconnecting to and from the MODBUS/TCP communication port on a target. Restart or reset is required to recover.

References (2)

[Various Sources] https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-007_en.pdf

[Third Party Advisory] https://jvn.jp/vu/JVNVU92414172/index.html

Scores

CVSS v3 7.5

EPSS 0.0039

EPSS Percentile 59.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-662

Status published

Products (4)

mitsubishielectric/got2000_gt23_firmware 01.19.000 - 01.39.010

mitsubishielectric/got2000_gt25_firmware 01.19.000 - 01.39.010

mitsubishielectric/got2000_gt27_firmware 01.19.000 - 01.39.010

mitsubishielectric/gt_softgot2000 1.170c - 1.256s

Published Aug 05, 2021

Tracked Since Feb 18, 2026