CVE-2020-5675

HIGH

GOT2000/GOT/LE7-40GU-L - Memory Corruption

Title source: llm
STIX 2.1

Description

Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur.

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0032
EPSS Percentile 54.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (10)
mitsubishielectric/gs2107-wtbd-n_firmware < 01.39.000
mitsubishielectric/gs2107-wtbd_firmware < 01.39.000
mitsubishielectric/gs2110-wtbd-n_firmware < 01.39.000
mitsubishielectric/gs2110-wtbd_firmware < 01.39.000
mitsubishielectric/gt2103-pmbd_firmware < 01.39.000
mitsubishielectric/gt2104-pmbd_firmware < 01.39.000
mitsubishielectric/gt2104-rtbd_firmware < 01.39.000
mitsubishielectric/gt2107-wtbd_firmware < 01.39.000
mitsubishielectric/gt2107-wtsd_firmware < 01.39.000
mitsubishielectric/le7-40gu-l_firmware 1.00
Published Dec 04, 2020
Tracked Since Feb 18, 2026