← Back

CVE-2020-5675

nvd nist
Published: Dec 4, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur.

Affected (10)

Mitsubishielectric
10 products
Gt2107 Wtbd Firmware
Gt2107 Wtsd Firmware
Gt2104 Rtbd Firmware
Gt2104 Pmbd Firmware
Gt2103 Pmbd Firmware
Gs2110 Wtbd Firmware
Gs2107 Wtbd Firmware
Le7 40gu L Firmware
Gs2110 Wtbd N Firmware
Gs2107 Wtbd N Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt2107 Wtbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gt2107 Wtbd
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt2107 Wtsd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gt2107 Wtsd
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt2104 Rtbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gt2104 Rtbd
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt2104 Pmbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gt2104 Pmbd
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt2103 Pmbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gt2103 Pmbd
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gs2110 Wtbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gs2110 Wtbd
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gs2107 Wtbd Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gs2107 Wtbd
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Le7 40gu L Firmware
Version 1.00
Running on/withPlatform Versions
Mitsubishielectric
Le7 40gu L
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gs2110 Wtbd N Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gs2110 Wtbd N
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gs2107 Wtbd N Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Gs2107 Wtbd N
All versions

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (6)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.