CVE-2020-5548

EUVD-2020-26710

01.04.2020, 12:15

Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 79%

Affected Products (NVD)

Vendor	Product	Version
yamaha	rtx830_firmware	𝑥 ≤ 15.02.09
yamaha	nvr510_firmware	𝑥 ≤ 15.01.14
yamaha	nvr700w_firmware	𝑥 ≤ 15.00.15
yamaha	rtx1210_firmware	𝑥 ≤ 14.01.33
yamaha	rtx5000_firmware	𝑥 ≤ 14.00.26
yamaha	rtx3500_firmware	𝑥 ≤ 14.00.26
yamaha	fwx120_firmware	𝑥 ≤ 11.03.27
yamaha	rtx810_firmware	𝑥 ≤ 11.01.33
yamaha	nvr500_firmware	𝑥 ≤ 11.00.38
yamaha	rtx1200_firmware	𝑥 ≤ 10.01.76

𝑥

= Vulnerable software versions

References

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN38732359.html

https://jvn.jp/en/jp/JVN38732359/index.html

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/JVN38732359.html

https://jvn.jp/en/jp/JVN38732359/index.html