JVN#38732359
Multiple Yamaha network devices vulnerable to denial-of-service (DoS)
Overview
Multiple network devices provided by Yamaha Corporation contain a denial-of-service (DoS) vulnerability.
Products Affected
- Yamaha LTE VoIP Router
  - NVR700W firmware Rev.15.00.15 and earlier
- Yamaha Gigabit VoIP Router
  - NVR510 firmware Rev.15.01.14 and earlier
- Yamaha Gigabit VPN Router
  - RTX810 firmware Rev.11.01.33 and earlier
  - RTX830 firmware Rev.15.02.09 and earlier
  - RTX1200 firmware Rev.10.01.76 and earlier
  - RTX1210 firmware Rev.14.01.33 and earlier
  - RTX3500 firmware Rev.14.00.26 and earlier
  - RTX5000 firmware Rev.14.00.26 and earlier
- Yamaha Broadband VoIP Router
  - NVR500 firmware Rev.11.00.38 and earlier
- Yamaha Firewall
  - FWX120 firmware Rev.11.03.27 and earlier
Description
Multiple network devices provided by Yamaha Corporation contain a denial-of-service (DoS) vulnerability (CWE-400) due to an issue in processing received packets.
Impact
A remote attacker may be able to cause a denial-of-service (DoS) condition.
Solution
Update the firmware
Update to the latest version of firmware according to the information provided by the developer.
Apply a workaround
If the latest version of firmware cannot be obtained or the firmware update cannot be applied, one of the following workarounds may mitigate the impact of this vulnerability, as each workaround stops the output of the filter's log.
- Stop the output of the filter's log by using the `ip filter` command to set `pass-nolog`, `reject-nolog` and `restrict-nolog`.
- Set `syslog notice` and stop the output of NOTICE-level logs.
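The following is an added example, not part of the original advisory or Yamaha's tooling: a small audit that checks a model and firmware revision against the "Products Affected" list and then checks a saved configuration for either workaround. The sample configuration is constructed, the function names are hypothetical, and the literal `syslog notice on` form and the `ip filter <number> <action>` token position are assumptions about the configuration syntax.

```python
import re

# Last affected firmware revision per model, from "Products Affected" above.
LAST_AFFECTED = {
    "NVR700W": "15.00.15", "NVR510": "15.01.14", "RTX810": "11.01.33",
    "RTX830": "15.02.09", "RTX1200": "10.01.76", "RTX1210": "14.01.33",
    "RTX3500": "14.00.26", "RTX5000": "14.00.26", "NVR500": "11.00.38",
    "FWX120": "11.03.27",
}
# The only filter actions the advisory names as stopping filter log output.
NOLOG_ACTIONS = {"pass-nolog", "reject-nolog", "restrict-nolog"}

def rev_tuple(rev):
    """'Rev.14.01.33' -> (14, 1, 33), so revisions compare numerically."""
    return tuple(int(n) for n in re.findall(r"\d+", rev))

def is_affected(model, rev):
    """True if the model is listed and rev is at or below the listed revision."""
    last = LAST_AFFECTED.get(model.upper())
    return last is not None and rev_tuple(rev) <= rev_tuple(last)

def logging_filters(config):
    """Static 'ip filter <n> <action> ...' lines not set to a -nolog action.
    Bare actions are flagged too, since the advisory names only -nolog forms."""
    hits = []
    for line in config.splitlines():
        m = re.match(r"\s*ip filter (\d+) (\S+)", line)
        if m and m.group(2) not in NOLOG_ACTIONS:
            hits.append(line.strip())
    return hits

def notice_log_enabled(config):
    """Assumption: NOTICE output is enabled by a literal 'syslog notice on'."""
    return re.search(r"^\s*syslog notice on\s*$", config, re.M) is not None

def workaround_in_place(config):
    """Either workaround from the advisory is enough to stop filter logging."""
    return not logging_filters(config) or not notice_log_enabled(config)

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = """\
ip filter 100 reject 10.0.0.0/8 * * * *
ip filter 101 pass-nolog * 192.168.100.0/24 tcp * www
ip filter 102 reject-log * * udp * 135
ip filter dynamic 200 * * ftp
syslog notice on
"""

if __name__ == "__main__":
    print("RTX1210 Rev.14.01.33 affected:", is_affected("RTX1210", "Rev.14.01.33"))
    print("filters still logging:", logging_filters(SAMPLE_CONFIG))
    print("workaround in place:", workaround_in_place(SAMPLE_CONFIG))
```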
Vendor Status
Vendor | Status | Last Update | Vendor Notes |
---|---|---|---|
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION | Vulnerable | 2020/04/01 | NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION website |
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION | Vulnerable | 2020/04/01 | NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION website |
Yamaha Corporation | Vulnerable | 2020/03/31 | Yamaha Corporation website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Attack Vector (AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
---|---|---|---|---|
Attack Complexity (AC) | High (H) | Low (L) | | |
Privileges Required (PR) | High (H) | Low (L) | None (N) | |
User Interaction (UI) | Required (R) | None (N) | | |
Scope (S) | Unchanged (U) | Changed (C) | | |
Confidentiality Impact (C) | None (N) | Low (L) | High (H) | |
Integrity Impact (I) | None (N) | Low (L) | High (H) | |
Availability Impact (A) | None (N) | Low (L) | High (H) | |

Access Vector (AV) | Local (L) | Adjacent Network (A) | Network (N) |
---|---|---|---|
Access Complexity (AC) | High (H) | Medium (M) | Low (L) |
Authentication (Au) | Multiple (M) | Single (S) | None (N) |
Confidentiality Impact (C) | None (N) | Partial (P) | Complete (C) |
Integrity Impact (I) | None (N) | Partial (P) | Complete (C) |
Availability Impact (A) | None (N) | Partial (P) | Complete (C) |
Credit
NIWA Naoya of Amano Lab, Dept. of Information and Computer Science, Faculty of Science and Technology, Keio University reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2020-5548 |
JVN iPedia | JVNDB-2020-000021 |
Update History
- 2020/04/01
  - NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION update status
- 2020/04/01
  - NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION update status