CVE-2020-5675

Published: Dic 04, 2020 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2020-26836 Aliases: GSD-2020-5675
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0032
Percentile
0,5th
Updated

EPSS Score Trend (Last 90 Days)

125

Out-of-bounds Read

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Availability Other
Potential Impacts:
Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context
Applicable Platforms
Languages: C, C++, Memory-Unsafe
Technologies: ICS/OT
View CWE Details
Operating System

Gt2104-Rtbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gt2104-Rtbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gt2104-rtbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gt2104-Pmbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gt2104-Pmbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gt2104-pmbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gt2103-Pmbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gt2103-Pmbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gt2103-pmbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs2110-Wtbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gs2110-Wtbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gs2110-wtbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs2110-Wtbd-N Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gs2110-Wtbd-N Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gs2110-wtbd-n_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Le7-40Gu-L Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Le7-40Gu-L Firmware
Version 1.00
cpe:2.3:o:mitsubishielectric:le7-40gu-l_firmware:1.00:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs2107-Wtbd-N Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gs2107-Wtbd-N Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gs2107-wtbd-n_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs2107-Wtbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gs2107-Wtbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gs2107-wtbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gt2107-Wtsd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gt2107-Wtsd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gt2107-wtsd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gt2107-Wtbd Firmware by Mitsubishielectric

Product Information
Vendor Mitsubishielectric
Product Gt2107-Wtbd Firmware
Version Range Affected
To 01.39.000 (inclusive)
cpe:2.3:o:mitsubishielectric:gt2107-wtbd_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://jvn.jp/vu/JVNVU99277775/index.html
Third Party Advisory
https://jvn.jp/vu/JVNVU99277775/index.html
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pd…
Vendor Advisory
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-017.pdf
https://www.mitsubishielectric.com/en/psirt/vulnerability/p…
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-017_en.pdf
https://jvn.jp/vu/JVNVU99277775/index.html
Third Party Advisory
https://jvn.jp/vu/JVNVU99277775/index.html
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pd…
Vendor Advisory
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-017.pdf
https://www.mitsubishielectric.com/en/psirt/vulnerability/p…
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-017_en.pdf