CVE-2021-20587

CVE-2021-20587 is a heap-based buffer overflow in Mitsubishi Electric FA Engineering Software products (numerous tools such as CPU Module Logging Configuration Tool, CW Configurator, Data Transfer, EZSocket, FR Configurator family, GT Designer3/GOT variants, GX/GX Works, MELSOFT EM/Navigator, etc...

CVE-2020-5637

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...

CVE-2020-5637

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...

CVE-2020-5644

Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...

CVE-2020-5647

CVE-2020-5647 corresponds to an improper access control vulnerability in the TCP/IP function of Mitsubishi Electric GOT1000 GT14 Series firmware. Affected models (CoreOS 05.65.00.BD and earlier) include GT1455-QTBDE, GT1450-QMBDE, GT1450-QLBDE, GT1455HS-QTBDE, and GT1450HS-QMBDE. The issue allows...

CVE-2020-5647

Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE...

CVE-2020-5644

Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS...

CVE-2020-5653

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...

Buffer overflow

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...

Improper access control

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

CVE-2020-5656

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

CVE-2020-5653

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...

CVE-2020-5596

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model does not properly manage sessions, which may allow a remote attacker to stop the network functions of the products or execute a...

CVE-2020-5597

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a null pointer dereference vulnerability, which may allow a remote attacker to stop the network functions of the products ...

CVE-2020-5599

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains an improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability, which may allow a remot...

CVE-2020-5600

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a resource management error vulnerability, which may allow a remote attacker to stop the network functions of the products...

CVE-2020-5595

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a buffer overflow vulnerability, which may allow a remote attacker to stop the network functions of the products or execut...

CVE-2020-5598

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains an improper access control vulnerability, which may which may allow a remote attacker tobypass access restriction and stop...

Design/Logic Flaw

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model does not properly manage sessions, which may allow a remote attacker to stop the network functions of the products or execute a...

Improper access control

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains an improper access control vulnerability, which may which may allow a remote attacker tobypass access restriction and stop...