HIGH🇬🇧 English

CVE-2020-5668

CVSS 7.5v3.1pub. 2020-11-20upd. 2024-11-21

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Mitsubishielectric R00cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R00cpu Firmware

    OS
    Mitsubishielectric
    ≤ 19
  • Mitsubishielectric R01cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R01cpu Firmware

    OS
    Mitsubishielectric
    ≤ 19
  • Mitsubishielectric R02cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R02cpu Firmware

    OS
    Mitsubishielectric
    ≤ 19
  • Mitsubishielectric R04cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R04cpu Firmware

    OS
    Mitsubishielectric
    ≤ 51
  • Mitsubishielectric R08cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08cpu Firmware

    OS
    Mitsubishielectric
    ≤ 51
  • Mitsubishielectric R08pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08pcpu Firmware

    OS
    Mitsubishielectric
    ≤ 25
  • Mitsubishielectric R08psfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08psfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 06
  • Mitsubishielectric R08sfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08sfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 22
  • Mitsubishielectric R120cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120cpu Firmware

    OS
    Mitsubishielectric
    ≤ 51
  • Mitsubishielectric R120pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120pcpu Firmware

    OS
    Mitsubishielectric
    ≤ 25
  • Mitsubishielectric R120psfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120psfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 06
  • Mitsubishielectric R120sfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120sfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 22
  • Mitsubishielectric R16cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16cpu Firmware

    OS
    Mitsubishielectric
    ≤ 51
  • Mitsubishielectric R16pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16pcpu Firmware

    OS
    Mitsubishielectric
    ≤ 25
  • Mitsubishielectric R16psfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16psfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 06
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-20599CRITICAL9.1ten sam produkt

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability i...

CVE-2021-20597CRITICAL9.1ten sam produkt

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU module...

CVE-2020-16226CRITICAL9.8ten sam produkt

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious a...

CVE-2022-40265HIGH8.6ten sam produkt

Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmwar...

CVE-2021-20594HIGH7.5ten sam produkt

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R se...