CVE-2021-20643

7.5 HIGH

📋 TL;DR

CVE-2021-20643 is an improper access control vulnerability in ELECOM LD-PS/U1 power strip management devices that allows remote attackers to change the administrative password without authentication. This affects organizations using these network-connected power strips for remote power management. Attackers can gain administrative control over the device.

💻 Affected Systems

Products:
  • ELECOM LD-PS/U1
Versions: All versions prior to firmware update
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the network management interface of the power strip. Physical access not required.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of power strip management allowing attackers to remotely power cycle connected equipment, potentially causing service disruption or equipment damage.

🟠 Likely Case

Unauthorized administrative access leading to power manipulation of connected servers or network equipment, causing service interruptions.

🟢 If Mitigated

No impact if device is not internet-facing and network segmentation prevents access from untrusted networks.

🌐 Internet-Facing: HIGH - Remote unauthenticated exploit allows complete takeover from anywhere on the internet.
🏢 Internal Only: MEDIUM - Still vulnerable to internal attackers or compromised internal systems, but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP request manipulation required. Technical details and proof-of-concept available in public advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware update from vendor

Vendor Advisory: https://www.elecom.co.jp/news/security/20210126-01/

Restart Required: Yes

Instructions:

1. Download the latest firmware from the ELECOM support site.
2. Access the device web interface.
3. Navigate to the firmware update section.
4. Upload and apply the firmware.
5. Reboot the device.

🔧 Temporary Workarounds

Network Segmentation (all): Isolate LD-PS/U1 devices on a separate VLAN with strict firewall rules.

Access Control Lists (all): Implement IP-based restrictions to allow only trusted management stations.

🧯 If You Can't Patch

  • Remove from internet-facing networks immediately
  • Implement strict network segmentation and firewall rules to limit access to trusted IPs only

🔍 How to Verify

Check if Vulnerable:

Check the firmware version via the web interface; if it has not been updated to the latest version, the device is vulnerable.

Check Version:

Access the device web interface and check the firmware version under system information.

Verify Fix Applied:

Verify firmware version shows latest patched version and test that password change requires proper authentication.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized password change attempts
  • Multiple failed login attempts followed by successful password change

Network Indicators:

  • HTTP POST requests to password change endpoints from untrusted sources
  • Unusual network traffic to power strip management port

SIEM Query:

source_ip NOT IN trusted_management_ips AND dest_port=80 AND uri_contains='password' AND method='POST'
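The SIEM query above, worked as a small Python filter over constructed proxy-style log lines (an added example, not part of the original advisory). The log line format, the trusted management network 10.20.0.0/24 and the URI paths are assumptions; the page does not name the device's actual password-change endpoint, so the filter keys on the substring 'password' exactly as the query does, generalised to a CIDR allow-list and case-insensitive matching.

```python
import ipaddress
import re

# Constructed sample log lines (not captured from any real device):
# "<src_ip> <dst_ip>:<dst_port> <METHOD> <uri> <status>"
SAMPLE_LOGS = [
    "10.20.0.5 10.20.1.9:80 GET /index.html 200",
    "10.20.0.5 10.20.1.9:80 POST /cgi-bin/password.cgi 200",     # trusted admin station
    "203.0.113.44 10.20.1.9:80 POST /cgi-bin/password.cgi 200",  # untrusted source: alert
    "198.51.100.7 10.20.1.9:80 post /admin/Password 302",        # odd casing: still an alert
    "198.51.100.7 10.20.1.9:443 POST /cgi-bin/password.cgi 200", # not port 80: outside the query
    "192.0.2.10 10.20.1.9:80 GET /cgi-bin/password.cgi 200",     # GET, not POST
    "this line is malformed and must be skipped",
]

# One regex for the assumed log format; unparseable lines are skipped, not fatal.
LOG_RE = re.compile(
    r"^(?P<src>\S+) (?P<dst>[^:\s]+):(?P<port>\d+) (?P<method>\S+) (?P<uri>\S+) (?P<status>\d{3})$"
)


def find_untrusted_password_posts(lines, trusted_networks, dest_port=80):
    """Return records matching: source not in trusted networks AND dest_port
    AND method POST AND URI containing 'password' (the page's SIEM query)."""
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # not an IP literal (e.g. a hostname); skip rather than crash
        if any(src in net for net in trusted):
            continue  # trusted management station, expected traffic
        if int(m["port"]) != dest_port:
            continue
        if m["method"].upper() != "POST":
            continue
        if "password" not in m["uri"].lower():
            continue
        hits.append({"src": str(src), "uri": m["uri"], "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    for hit in find_untrusted_password_posts(SAMPLE_LOGS, ["10.20.0.0/24"]):
        print("ALERT: untrusted password POST", hit)
```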
