PT-2020-18517 · Mitsubishi · Melqic Iu1 Series

Published

2020-03-16

Updated

2020-03-19

CVE-2020-5542

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELQIC IU1 series IU1-1M20-D version 1.0.7 and earlier

Description A buffer error vulnerability in the TCP function of the firmware allows remote attackers to stop the network functions or execute malware via a specially crafted packet.

Recommendations For Mitsubishi Electric MELQIC IU1 series IU1-1M20-D version 1.0.7 and earlier, update to a version later than 1.0.7 to resolve the issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2020-5542

Affected Products

Melqic Iu1 Series

PT-2020-18517 · Mitsubishi · Melqic Iu1 Series

CVE-2020-5542

Weakness Enumeration

Related Identifiers

Affected Products

References · 5