CVE-2021-20601
📋 TL;DR
An improper input validation vulnerability in Mitsubishi Electric GOT2000 and related HMI products allows remote unauthenticated attackers to write values exceeding configured limits by sending malicious packets. This can cause system malfunctions or operational disruptions. Affected systems include GOT2000 series GT21-GT27 models, GS21 models, and GT SoftGOT2000.
💻 Affected Systems
- GOT2000 series GT27 model
- GOT2000 series GT25 model
- GOT2000 series GT23 model
- GOT2000 series GT21 model
- GOT SIMPLE series GS21 model
- GT SoftGOT2000
📦 What is this software?
Got Simple Gs2107 Wtbd Firmware by Mitsubishielectric
Got Simple Gs2110 Wtbd Firmware by Mitsubishielectric
Got2000 Gt2103 Pmbd Firmware by Mitsubishielectric
Got2000 Gt2103 Pmbds Firmware by Mitsubishielectric
Got2000 Gt2103 Pmbds2 Firmware by Mitsubishielectric
Got2000 Gt2103 Pmbls Firmware by Mitsubishielectric
Got2000 Gt2104 Rtbd Firmware by Mitsubishielectric
Got2000 Gt2107 Wtbd Firmware by Mitsubishielectric
Got2000 Gt2308 Vtba Firmware by Mitsubishielectric
Got2000 Gt2308 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2310 Vtba Firmware by Mitsubishielectric
Got2000 Gt2310 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2505 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2505hs Vtbd Firmware by Mitsubishielectric
Got2000 Gt2506hs Vtbd Firmware by Mitsubishielectric
Got2000 Gt2507 Wtbd Firmware by Mitsubishielectric
Got2000 Gt2507 Wtsd Firmware by Mitsubishielectric
Got2000 Gt2507t Wtsd Firmware by Mitsubishielectric
Got2000 Gt2508 Vtba Firmware by Mitsubishielectric
Got2000 Gt2508 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2508 Vtwa Firmware by Mitsubishielectric
Got2000 Gt2508 Vtwd Firmware by Mitsubishielectric
Got2000 Gt2510 Vtba Firmware by Mitsubishielectric
Got2000 Gt2510 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2510 Vtwa Firmware by Mitsubishielectric
Got2000 Gt2510 Vtwd Firmware by Mitsubishielectric
Got2000 Gt2510 Wxtbd Firmware by Mitsubishielectric
Got2000 Gt2510 Wxtsd Firmware by Mitsubishielectric
Got2000 Gt2512 Stba Firmware by Mitsubishielectric
Got2000 Gt2512 Stbd Firmware by Mitsubishielectric
Got2000 Gt2512 Wxtbd Firmware by Mitsubishielectric
Got2000 Gt2512 Wxtsd Firmware by Mitsubishielectric
Got2000 Gt2705 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2708 Stba Firmware by Mitsubishielectric
Got2000 Gt2708 Stbd Firmware by Mitsubishielectric
Got2000 Gt2708 Vtba Firmware by Mitsubishielectric
Got2000 Gt2708 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2710 Stba Firmware by Mitsubishielectric
Got2000 Gt2710 Stbd Firmware by Mitsubishielectric
Got2000 Gt2710 Vtba Firmware by Mitsubishielectric
Got2000 Gt2710 Vtbd Firmware by Mitsubishielectric
Got2000 Gt2710 Vtwa Firmware by Mitsubishielectric
Got2000 Gt2710 Vtwd Firmware by Mitsubishielectric
Got2000 Gt2712 Stba Firmware by Mitsubishielectric
Got2000 Gt2712 Stbd Firmware by Mitsubishielectric
Got2000 Gt2712 Stwa Firmware by Mitsubishielectric
Got2000 Gt2712 Stwd Firmware by Mitsubishielectric
Got2000 Gt2715 Xtba Firmware by Mitsubishielectric
Got2000 Gt2715 Xtbd Firmware by Mitsubishielectric
Gt Softgot2000 by Mitsubishielectric
⚠️ Risk & Real-World Impact
Worst Case
Complete system malfunction leading to industrial process disruption, equipment damage, or safety incidents in critical infrastructure environments.
Likely Case
Process disruption, unexpected equipment behavior, or temporary system unavailability requiring manual intervention.
If Mitigated
Limited impact with proper network segmentation and monitoring, potentially causing minor operational anomalies.
🎯 Exploit Status
Remote unauthenticated exploitation with specially crafted packets. No public exploit code identified but vulnerability is well-documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Contact Mitsubishi Electric for specific firmware updates
Vendor Advisory: https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2021-018.pdf
Restart Required: Yes
Instructions:
1. Contact Mitsubishi Electric for firmware updates
2. Backup current configuration
3. Apply firmware update following vendor instructions
4. Restart affected devices
5. Verify proper operation
🔧 Temporary Workarounds
Network Segmentation
Isolate affected devices in separate network segments with strict firewall rules
Access Control Lists
Implement strict network ACLs to limit communication to trusted sources only
🧯 If You Can't Patch
- Implement strict network segmentation and firewall rules to isolate affected devices from untrusted networks
- Deploy intrusion detection systems to monitor for malicious packet patterns targeting these devices
🔍 How to Verify
Check if Vulnerable:
Check device model and firmware version against affected products list. All versions of listed models are vulnerable.
Check Version:
Check device information screen on HMI or consult device documentation for version checking procedure
Verify Fix Applied:
Verify with Mitsubishi Electric that specific firmware version addresses CVE-2021-20601 and confirm no unauthorized value writes occur.
📡 Detection & Monitoring
Log Indicators:
- Unexpected value writes exceeding configured limits
- Device communication anomalies
- System malfunction alerts
Network Indicators:
- Malformed packets targeting HMI communication ports
- Unauthorized network connections to affected devices
SIEM Query:
Search for network traffic to port 5006/TCP (MELSEC protocol) with unusual patterns or from unauthorized sources
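The SIEM guidance above, written out as a flow-log filter that flags TCP connections to port 5006 on HMI addresses from sources outside an allowlist. This is an added example, not code from the vendor advisory or the referenced sources; the HMI addresses, trusted range, log format and sample records are constructed assumptions.

```python
import ipaddress
from collections import Counter

MELSEC_PORT = 5006  # TCP port named in the SIEM guidance above

# Assumed site inventory (constructed): HMI addresses and the range allowed to reach them.
HMI_HOSTS = {ipaddress.ip_address("10.20.0.11"), ipaddress.ip_address("10.20.0.12")}
TRUSTED_SOURCES = [ipaddress.ip_network("10.20.1.0/28")]

# Constructed flow records in an assumed format: "timestamp src dst dport proto"
SAMPLE_FLOWS = """\
2021-11-20T08:00:01Z 10.20.1.5 10.20.0.11 5006 tcp
2021-11-20T08:00:07Z 10.20.1.5 10.20.0.12 5006 tcp
2021-11-20T08:03:12Z 192.168.50.23 10.20.0.11 5006 tcp
2021-11-20T08:03:13Z 192.168.50.23 10.20.0.11 5006 tcp
2021-11-20T08:04:40Z 10.20.1.200 10.20.0.12 5006 tcp
2021-11-20T08:05:00Z 10.20.1.5 10.20.0.11 443 tcp
2021-11-20T08:05:02Z 192.168.50.23 10.20.0.11 5006 udp
malformed line
"""

def parse_flow(line):
    """Return (ts, src, dst, dport, proto), or None if the record is unparseable."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, dport, proto = parts
    try:
        return (ts, ipaddress.ip_address(src), ipaddress.ip_address(dst),
                int(dport), proto.lower())
    except ValueError:
        return None

def is_trusted(src):
    return any(src in net for net in TRUSTED_SOURCES)

def find_unauthorized(flow_text):
    """Count 5006/TCP flows to HMIs per (src, dst) from non-allowlisted sources.

    Returns (hits, skipped); skipped counts records that could not be parsed,
    so gaps in log coverage are visible instead of silently dropped.
    """
    hits, skipped = Counter(), 0
    for line in filter(str.strip, flow_text.splitlines()):
        rec = parse_flow(line)
        if rec is None:
            skipped += 1
            continue
        _, src, dst, dport, proto = rec
        if dst in HMI_HOSTS and dport == MELSEC_PORT and proto == "tcp" and not is_trusted(src):
            hits[(str(src), str(dst))] += 1
    return dict(hits), skipped
```
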
🔗 References
- https://jvn.jp/vu/JVNVU98072504
- https://us-cert.cisa.gov/ics/advisories/icsa-21-320-02
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2021-018.pdf