Predictable Exact Value from Previous Values in GOT2000 GT21 model and GOT SIMPLE GS21 model

#VU78939 Predictable Exact Value from Previous Values in GOT2000 GT21 model and GOT SIMPLE GS21 model

Published: 2023-08-04

Vulnerability identifier: #VU78939

Vulnerability risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-3373

CWE-ID: CWE-342

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GOT2000 GT21 model
Server applications / SCADA systems
GOT SIMPLE GS21 model
Server applications / SCADA systems

Vendor: Mitsubishi Electric

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to predictable exact value from previous values in the FTP server function. A remote attacker can guess the port number of a data connection and perform a denial of service (DoS) and spoofing attacks.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

GOT2000 GT21 model: 01.49.000

GOT SIMPLE GS21 model: 01.49.000

External links
http://www.cisa.gov/news-events/ics-advisories/icsa-23-215-01
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-006_en.pdf
http://jvn.jp/vu/JVNVU92167394/index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Predictable Exact Value from Previous Values in Mitsubishi Electric GOT2000 and GOT SIMPLE