CVE-2021-20999
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.
Affected (16)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.10.0 to 1.10.3 |
| Running on/with | Platform Versions |
|---|---|
Weidmueller Uc20 Wl2000 Ac | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.10.0 to 1.10.3 |
| Running on/with | Platform Versions |
|---|---|
Weidmueller Uc20 Wl2000 Iot | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.10.0 to 1.10.3 |
| Running on/with | Platform Versions |
|---|---|
Weidmueller Iot Gw30 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.10.0 to 1.10.3 |
| Running on/with | Platform Versions |
|---|---|
Weidmueller Iot Gw30 4g Eu | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.