Cyber Resilience

CVE-2021-20712

Medium

Published: 26 April 2021

Published
26 April 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score 0.0025 48.6th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-20712 is a medium-severity an unspecified weakness vulnerability in Nec Aterm Wg2600Hs Firmware. Its CVSS base score is 5.3 (Medium).

Operationally, ranked at the 48.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and Aterm WX3000HP firmware Ver1.1.2 and earlier allows a device connected to the LAN side to be accessed from the WAN side due to the defect in the…

more

IPv6 firewall function.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

nec
aterm wg2600hs firmware
≤ 1.5.1
nec
aterm wx3000hp firmware
≤ 1.1.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References