CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5599

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remote attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-5599

Mitsubishielectric » Got2000 Gt23 » Version: N/A

cpe:2.3:h:mitsubishielectric:got2000_gt23:-
Mitsubishielectric » Got2000 Gt25 » Version: N/A

cpe:2.3:h:mitsubishielectric:got2000_gt25:-
Mitsubishielectric » Got2000 Gt27 » Version: N/A

cpe:2.3:h:mitsubishielectric:got2000_gt27:-
Mitsubishielectric » Coreos » Version: N/A

cpe:2.3:o:mitsubishielectric:coreos:-
Mitsubishielectric » Coreos » Version: 05.65.00.bd

cpe:2.3:o:mitsubishielectric:coreos:05.65.00.bd
Mitsubishielectric » Coreos » Version: y

cpe:2.3:o:mitsubishielectric:coreos:y

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5599

Products

Pricing

Contact Us