VYPR
Unrated severity · NVD Advisory · Published Mar 16, 2020 · Updated Aug 4, 2024

CVE-2020-5546

Description

Argument injection in Mitsubishi Electric MELQIC IU1 series firmware allows network-adjacent attackers to stop network functions or execute malware.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

An improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability exists in the TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier [1]. This CWE-88 vulnerability allows an attacker on the same network segment to inject arguments into a command executed by the device's TCP/IP stack via a specially crafted packet [1].

Exploitation

An attacker on the same network segment as the affected device can send a specially crafted packet to trigger the argument injection [1]. The attacker does not require authentication, only network access to the device [1]. The attack vector is network-based, exploiting the TCP function without any user interaction [1].

Impact

Successful exploitation allows the attacker to stop the network functions of the device or execute malware [1]. This could lead to denial of service or arbitrary code execution, compromising the confidentiality, integrity, and availability of the device and potentially the network it serves [1]. The attacker gains the ability to disrupt operations or deploy malicious software on the affected hardware [1].

Mitigation

The fixed firmware version is 1.08 or later, which should be applied using IU Configuration Tool version 1.04 or later [1]. As a workaround, restricting access to the network from untrusted hosts and networks can mitigate the risk [1]. No public KEV listing or EOL status is mentioned in the references.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

2
