CVE-2021-31251

Name of the Vulnerable Software and Affected Versions BF-430 and BF431 232/422 TCP/IP Converter versions (affected versions not specified) BF-450M versions (affected versions not specified) SEMAC versions (affected versions not specified)

Description An authentication bypass in the telnet server allows obtaining a privileged connection with the target device by supplying a specially malformed request. An attacker may force the remote telnet server to believe that the user has already authenticated.

Recommendations For BF-430 and BF431 232/422 TCP/IP Converter, consider disabling the telnet server until a patch is available. For BF-450M, restrict access to the telnet server to minimize the risk of exploitation. For SEMAC, avoid using the telnet server until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.