Vulnerability Description
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a buffer overflow vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitsubishielectric | Coreos | <= y |
| Mitsubishielectric | Got2000 Gt23 | - |
| Mitsubishielectric | Got2000 Gt25 | - |
| Mitsubishielectric | Got2000 Gt27 | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU95413676/index.htmlThird Party Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-005_en.pdfVendor Advisory
- https://jvn.jp/en/vu/JVNVU95413676/index.htmlThird Party Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-005_en.pdfVendor Advisory
FAQ
What is CVE-2020-5595?
CVE-2020-5595 is a vulnerability with a CVSS score of 9.8 (CRITICAL). TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a buffer overflow vulne...
How severe is CVE-2020-5595?
CVE-2020-5595 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-5595?
Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Coreos, Mitsubishielectric Got2000 Gt23, Mitsubishielectric Got2000 Gt25, Mitsubishielectric Got2000 Gt27.