Vulnerabilities > CVE-2020-5597 - NULL Pointer Dereference vulnerability in Mitsubishielectric Coreos 05.65.00.Bd/Y

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mitsubishielectric

CWE-476

NVD

Published: 2020-07-07

Updated: 2020-07-14

Summary

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a null pointer dereference vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Coreos - Mitsubishielectric Coreos 05.65.00.Bd Mitsubishielectric Coreos Y	3
Hardware	Mitsubishielectric Mitsubishielectric Got2000 Gt23 - Mitsubishielectric Got2000 Gt25 - Mitsubishielectric Got2000 Gt27 -	3

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References