CVSS: 9.8EPSS: 0%CPEs: 202EXPL: 0CVE-2020-16226 – Mitsubishi Electric Multiple Products
https://notcve.org/view.php?id=CVE-2020-16226
08 Sep 2020 — Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Múltiples productos de Mitsubishi Electric, son vulnerables a suplantaciones de un dispositivo legítimo por parte de un actor malicioso, lo que puede permitir a un atacante ejecutar comandos arbitrarios remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mitsubishi Elec... • https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 • CWE-342: Predictable Exact Value from Previous Values •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2020-5547
https://notcve.org/view.php?id=CVE-2020-5547
16 Mar 2020 — Resource Management Errors vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. Una vulnerabilidad de Errores de Administración de Recursos, en una función TCP incluida en el firmware de Mitsubishi Electric MELQIC IU1 serie IU1-1M20-D versiones de firmware 1.0.7 y anteriores, permite a atacantes remotos detener las f... • https://jvn.jp/en/vu/JVNVU92370624/index.html •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5546
https://notcve.org/view.php?id=CVE-2020-5546
16 Mar 2020 — Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functions or execute malware via a specially crafted packet. Una vulnerabilidad de Neutralización Inapropiada de Delimitadores de Argumento en un Comando ("Argument Injection") en una función TCP incluida en el firmware ... • https://jvn.jp/en/vu/JVNVU92370624/index.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5545
https://notcve.org/view.php?id=CVE-2020-5545
16 Mar 2020 — TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to bypass access restriction and to stop the network functions or execute malware via a specially crafted packet. Una función TCP incluida en el firmware de Mitsubishi Electric MELQIC IU1 serie IU1-1M20-D versiones de firmware 1.0.7 y anteriores, permite a atacantes remotos omitir una restricción de acceso y detener las funciones de red o ejecutar malware por m... • https://jvn.jp/en/vu/JVNVU92370624/index.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5543
https://notcve.org/view.php?id=CVE-2020-5543
16 Mar 2020 — TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet. Una función TCP incluida en el firmware de Mitsubishi Electric MELQIC IU1 serie IU1-1M20-D versiones de firmware 1.0.7 y anteriores, no maneja apropiadamente las sesiones, lo que permite a atacantes remotos detener las funciones de red o eje... • https://jvn.jp/en/vu/JVNVU92370624/index.html • CWE-384: Session Fixation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5544
https://notcve.org/view.php?id=CVE-2020-5544
16 Mar 2020 — Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. Una vulnerabilidad de Desreferencia del Puntero Null en una función TCP incluida en el firmware de Mitsubishi Electric MELQIC IU1 serie IU1-1M20-D versiones de firmware 1.0.7 y anteriores, permite a atacantes remotos detener las funciones d... • https://jvn.jp/en/vu/JVNVU92370624/index.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2020-5542
https://notcve.org/view.php?id=CVE-2020-5542
16 Mar 2020 — Buffer error vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. Una vulnerabilidad de error de búfer en una función TCP incluida en el firmware de Mitsubishi Electric MELQIC IU1 serie IU1-1M20-D versiones de firmware 1.0.7 y anteriores, permite a atacantes remotos detener las funciones de red o ejecutar malware por... • https://jvn.jp/en/vu/JVNVU92370624/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •