Remote Unauthenticated Network Function Disruption in Mitsubishi GOT 1000 Series
CVE-2020-5646

7.5HIGH

Key Information:

Vendor: Mitsubishi Electric Corporation
Status: Gt14 Model Of Got 1000 Series
Vendor: CVE Published:; 6 November 2020

Summary

A null pointer dereference vulnerability exists in the TCP/IP functions of the Mitsubishi GOT 1000 series firmware. This flaw enables a remote unauthenticated attacker to disrupt network operations by sending specially crafted packets, potentially disabling critical network functions within the affected devices. Users are advised to update their firmware to the latest versions to mitigate this risk.

Affected Version(s)

GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE CoreOS version ’05.65.00.BD’ and earlier, and GT1450HS-QMBDE CoreOS version ’05.65.00.BD’ and earlier)