Accidental External Network Interface Access Vulnerability in Weidmüller u-controls and IoT-Gateways

Accidental External Network Interface Access Vulnerability in Weidmüller u-controls and IoT-Gateways

CVE-2021-20999 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.

Learn more about our External Network Penetration Testing.