Vulnerabilities > CVE-2020-5544 - NULL Pointer Dereference vulnerability in Mitsubishielectric Iu1-1M20-D Firmware 1.0.7

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
mitsubishielectric
CWE-476
critical
NVD
Published: 2020-03-16
Updated: 2020-03-19

Summary

Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet.

Vulnerable Configurations

Part Description Count
OS
Mitsubishielectric
2
Hardware
Mitsubishielectric
1

Common Weakness Enumeration (CWE)

References