Rewterz Threat Advisory – CVE-2020-7284 – McAfee Network Security Management command execution
July 7, 2020Rewterz Threat Alert – Latest Emotet IOCs
July 7, 2020Rewterz Threat Advisory – CVE-2020-7284 – McAfee Network Security Management command execution
July 7, 2020Rewterz Threat Alert – Latest Emotet IOCs
July 7, 2020Severity
High
Analysis Summary
Mitsubishi Electric GOT2000 series could allow a remote attacker to execute arbitrary commands on the system, caused by an argument injection flaw in the TCP/IP function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
Denial of service
Affected Vendors
Mitsubishi Electric
Affected Products
- Mitsubishi Electric GOT2000 series GT23 Model
- Mitsubishi Electric GOT2000 series GT25 Model
- Mitsubishi Electric GOT2000 series GT27 Model
Remedition
Refer to Mitsubishi Electric Security Advisory for patch, upgrade or suggested workaround information.
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-005_en.pdf