CVE-2021-31251

high-risk
Published 2021-06-04

An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated.

Do I need to act?

~
9.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
49936
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (10)

Semac S2 Firmware
Semac D1 Firmware
Semac D2 Firmware
Semac D4 Firmware
Semac S3V3 Firmware
Semac D2 N300 Firmware
Semac S1 Osdp Firmware

Affected Vendors

Chiyu-Tech

References (6)

Exploit https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices...
Exploit https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-...
Vendor Advisory https://www.chiyu-tech.com/msg/message-Firmware-update-87.html
Exploit https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices...
Exploit https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-...
Vendor Advisory https://www.chiyu-tech.com/msg/message-Firmware-update-87.html
59
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 11/34 · Low
Exposure 16/34 · Moderate