Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-5675
HistoryDec 04, 2020 - 8:15 a.m.

CVE-2020-5675

2020-12-0408:15:11
CWE-125
[email protected]
web.nvd.nist.gov
37
vulnerability
gt21
gs21
got2000
got
denial-of-service
nvd
out-of-bounds read

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.0%

JSON

Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur.

Affected configurations

NVD
Node
mitsubishielectricgt2107-wtbd_firmwareRange01.39.000
AND
mitsubishielectricgt2107-wtbdMatch-
Node
mitsubishielectricgt2107-wtsd_firmwareRange01.39.000
AND
mitsubishielectricgt2107-wtsdMatch-
Node
mitsubishielectricgt2104-rtbd_firmwareRange01.39.000
AND
mitsubishielectricgt2104-rtbdMatch-
Node
mitsubishielectricgt2104-pmbd_firmwareRange01.39.000
AND
mitsubishielectricgt2104-pmbdMatch-
Node
mitsubishielectricgt2103-pmbd_firmwareRange01.39.000
AND
mitsubishielectricgt2103-pmbdMatch-
Node
mitsubishielectricgs2110-wtbd_firmwareRange01.39.000
AND
mitsubishielectricgs2110-wtbdMatch-
Node
mitsubishielectricgs2107-wtbd_firmwareRange01.39.000
AND
mitsubishielectricgs2107-wtbdMatch-
Node
mitsubishielectricle7-40gu-l_firmwareMatch1.00
AND
mitsubishielectricle7-40gu-lMatch-
Node
mitsubishielectricgs2110-wtbd-n_firmwareRange01.39.000
AND
mitsubishielectricgs2110-wtbd-nMatch-
Node
mitsubishielectricgs2107-wtbd-n_firmwareRange01.39.000
AND
mitsubishielectricgs2107-wtbd-nMatch-

CNA Affected

[
  {
    "product": "GT21 model of GOT2000 series, GS21 model of GOT SIMPLE series, and Tension Controller LE7-40GU-L series",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00)"
      }
    ]
  }
]

Related

prion 1
nvd 1
nessus 1
cvelist 1
ics 1
prion
prion
Design/Logic Flaw
2020-12-04 08:15:00
nvd
nvd
CVE-2020-5675
2020-12-04 08:15:11
nessus
nessus
Mitsubishi Electric GOT and Tension Controller (CVE-2020-5675)
2022-02-07 00:00:00
cvelist
cvelist
CVE-2020-5675
2020-12-04 07:10:19
ics
ics
Mitsubishi Electric GOT and Tension Controller (Update B)
2022-01-20 12:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.0%

JSON
Related for CVE-2020-5675
prion1nvd1nessus1cvelist1ics1