Vulnerabilities > Mitsubishielectric > IU1 1M20 D Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-05 | CVE-2020-16226 | Predictable Exact Value from Previous Values vulnerability in Mitsubishielectric products Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. | 7.5 |
| 2020-03-16 | CVE-2020-5547 | Improper Input Validation vulnerability in Mitsubishielectric Iu1-1M20-D Firmware 1.0.7 Resource Management Errors vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | 7.5 |
| 2020-03-16 | CVE-2020-5546 | Argument Injection or Modification vulnerability in Mitsubishielectric Iu1-1M20-D Firmware Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functions or execute malware via a specially crafted packet. | 5.8 |
| 2020-03-16 | CVE-2020-5545 | Unspecified vulnerability in Mitsubishielectric Iu1-1M20-D Firmware TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to bypass access restriction and to stop the network functions or execute malware via a specially crafted packet. | 7.5 |
| 2020-03-16 | CVE-2020-5544 | NULL Pointer Dereference vulnerability in Mitsubishielectric Iu1-1M20-D Firmware Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | 7.5 |
| 2020-03-16 | CVE-2020-5543 | Session Fixation vulnerability in Mitsubishielectric Iu1-1M20-D Firmware TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | 7.5 |
| 2020-03-16 | CVE-2020-5542 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric Iu1-1M20-D Firmware Buffer error vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | 7.5 |