Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Mitsubishielectric
  • Gs2107-wtbd
  • Gs2107-wtbd-n
  • Gs2107-wtbd-n Firmware
  • Gs2107-wtbd Firmware
  • Gs2110-wtbd
  • Gs2110-wtbd-n
  • Gs2110-wtbd-n Firmware
  • Gs2110-wtbd Firmware
  • Gt2103-pmbd
  • Gt2103-pmbd Firmware
  • Gt2104-pmbd
  • Gt2104-pmbd Firmware
  • Gt2104-rtbd
  • Gt2104-rtbd Firmware
  • Gt2107-wtbd
  • Gt2107-wtbd Firmware
  • Gt2107-wtsd
  • Gt2107-wtsd Firmware
  • Le7-40gu-l
  • Le7-40gu-l Firmware

Configuration 1 [-]

AND
cpe:2.3:o:mitsubishielectric:gt2107-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2107-wtbd:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:mitsubishielectric:gt2107-wtsd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2107-wtsd:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:mitsubishielectric:gt2104-rtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2104-rtbd:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:mitsubishielectric:gt2104-pmbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2104-pmbd:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:mitsubishielectric:gt2103-pmbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gt2103-pmbd:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:mitsubishielectric:gs2110-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2110-wtbd:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:mitsubishielectric:gs2107-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2107-wtbd:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:mitsubishielectric:le7-40gu-l_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:le7-40gu-l:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:mitsubishielectric:gs2110-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2110-wtbd-n:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:mitsubishielectric:gs2107-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:gs2107-wtbd-n:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://jvn.jp/vu/JVNVU99277775/index.html cve-icon cve-icon
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-017.pdf cve-icon cve-icon
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-017_en.pdf cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2020-12-04T07:10:19

Updated: 2024-08-04T08:39:25.520Z

Reserved: 2020-01-06T00:00:00

Link: CVE-2020-5675

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-12-04T08:15:11.207

Modified: 2022-02-10T07:38:21.500

Link: CVE-2020-5675

cve-icon Redhat

No data.