← Back

CVE-2020-5646

nvd nist
Published: Nov 6, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.

Affected (1)

Mitsubishielectric
1 product
Coreos
Configuration A
1 vulnerable · 5 platform
Vulnerable SoftwareAffected Versions
Coreos
Up to 05.65.00.bd
Running on/withPlatform Versions
Mitsubishielectric
Gt1450 Qlbde
All versions
Mitsubishielectric
Gt1450 Qmbde
All versions
Mitsubishielectric
Gt1450hs Qmbde
All versions
Mitsubishielectric
Gt1455 Qtbde
All versions
Mitsubishielectric
Gt1455hs Qtbde
All versions

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (8)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
Third Party AdvisoryUS Government Resource
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.