CVE-2020-5599

Published: Jul 7, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.

Vendor	Product	Versions
Mitsubishi Electric Corporation	GOT2000 series GT27, GT25, and GT23	affected `CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model`

References

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-005_en.pdf

x_refsource_MISC

https://jvn.jp/en/vu/JVNVU95413676/index.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-5599

Description

Affected Products

References