CVE-2021-20607
Published: 17 December 2021
Summary
CVE-2021-20607 is a medium-severity Wrap or Wraparound (CWE-191) vulnerability in Mitsubishielectric Ezsocket. Its CVSS base score is 5.5 (Medium).
Operationally, ranked at the 35.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-8025
Vulnerability details
Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by…
more
getting a user to open malicious project file specially crafted by an attacker.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.