Main Vulnerability Database SB2020033106

SB2020033106 - Denial of service in multiple Yamaha network devices

Published: March 31, 2020

Security Bulletin ID SB2020033106

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource exhaustion (CVE-ID: CVE-2020-5548)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an issue in processing received packet. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

Vulnerable Software

Yamaha LTE VoIP Router: All versions
Yamaha Gigabit VoIP Router: All versions
Yamaha Gigabit VPN Router: All versions
Yamaha Broadband VoIP Router: All versions
Yamaha Firewall: All versions
NVR700W: 15.00.15 and previous versions
NVR510: 15.01.14 and previous versions
NVR500: 11.00.38 and previous versions
RTX810: 11.01.33 and previous versions
RTX830: 15.02.09 and previous versions
RTX1200: 10.01.76 and previous versions
RTX1210: 14.01.33 and previous versions
RTX3500: 14.00.26 and previous versions
RTX5000: 14.00.26 and previous versions
FWX120: 11.03.27 and previous versions

SB2020033106 - Denial of service in multiple Yamaha network devices

Breakdown by Severity

Description

Remediation

References

Please verify you're human