CVE-2020-5599

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model)

Description The issue is related to an improper neutralization of argument delimiters in a command, also known as 'Argument Injection', which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.

Recommendations For Mitsubishi Electric GOT2000 series with CoreOS version -Y and earlier, consider disabling the TCP/IP function temporarily until a patch is available to prevent potential exploitation. Restrict access to the network to minimize the risk of a remote attacker stopping the network functions or executing malicious programs.