Session Management Vulnerability in Mitsubishi Electric MELQIC IU1 Series IU1-1M20-D Firmware Version 1.0.7 and Earlier

Session Management Vulnerability in Mitsubishi Electric MELQIC IU1 Series IU1-1M20-D Firmware Version 1.0.7 and Earlier

CVE-2020-5543 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet.

Learn more about our Network Penetration Testing.