CVE-2020-5597

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric GOT2000 series versions -Y and earlier

Description The issue concerns a null pointer dereference vulnerability in the TCP/IP function of the firmware. This vulnerability may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.

Recommendations For Mitsubishi Electric GOT2000 series versions -Y and earlier, consider restricting access to the network to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting the exposure of the device to untrusted networks may help reduce the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.