Multiple vulnerabilities in Mitsubishi Electric GT25-WLAN
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26140 CVE-2020-26143 CVE-2020-26144 CVE-2020-26146 |
| CWE-ID | CWE-20 CWE-451 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
GT25-WLAN Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Mitsubishi Electric |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU53154
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-24586
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in the 802.11 standard due to the affected device does not clear its cache/memory to remove fragments of an incomplete MSDU/MMPDU from previous session after reconnection/reassociation. A remote attacker on the local network can perform a fragment cache attack and perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU53096
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-24587
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in Windows Wireless Networking. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Spoofing attack
EUVDB-ID: #VU53098
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-24588
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Windows Wireless Networking. A remote attacker on the local network can spoof page content.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU53161
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-26140
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. A remote attacker on the local network can inject arbitrary data frames independent of the network configuration.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU53166
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-26143
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. A remote attacker on the local network can inject arbitrary data frames independent of the network configuration.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Spoofing attack
EUVDB-ID: #VU53097
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-26144
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Windows Wireless Networking. A remote attacker on the local network can spoof page content.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU53167
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-26146
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. A remote attacker on the local network can exfiltrate selected fragments.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGT25-WLAN: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-102-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
