CVE-2020-5542
CRITICALMitsubishi Electric MELQIC IU1 <1.0.7 - Buffer Overflow
Title source: llmDescription
Buffer error vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://jvn.jp/en/vu/JVNVU92370624/index.html
Patch, Vendor Advisory x_refsource_misc
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2019-004.pdf
Scores
CVSS v3
9.8
EPSS
0.0098
EPSS Percentile
76.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
mitsubishielectric/iu1-1m20-d_firmware
< 1.0.7
Published
Mar 16, 2020
Tracked Since
Feb 18, 2026