HIGH🇵🇱 Wersja polska

CVE-2020-16850

CVSS 7.5v3.1pub. 2020-11-30upd. 2024-11-21

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Mitsubishielectric R00cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R00cpu Firmware

    OS
    Mitsubishielectric
    ≤ 20
  • Mitsubishielectric R01cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R01cpu Firmware

    OS
    Mitsubishielectric
    ≤ 20
  • Mitsubishielectric R02cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R02cpu Firmware

    OS
    Mitsubishielectric
    ≤ 20
  • Mitsubishielectric R04cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R04cpu Firmware

    OS
    Mitsubishielectric
    ≤ 52
  • Mitsubishielectric R08cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08cpu Firmware

    OS
    Mitsubishielectric
    ≤ 52
  • Mitsubishielectric R08pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08pcpu Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08sfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08sfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 22
  • Mitsubishielectric R120cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120cpu Firmware

    OS
    Mitsubishielectric
    ≤ 52
  • Mitsubishielectric R120pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120pcpu Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120sfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120sfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 22
  • Mitsubishielectric R16cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16cpu Firmware

    OS
    Mitsubishielectric
    ≤ 52
  • Mitsubishielectric R16mtcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16mtcpu Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16pcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16pcpu Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16sfcpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16sfcpu Firmware

    OS
    Mitsubishielectric
    ≤ 22
  • Mitsubishielectric R32cpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R32cpu Firmware

    OS
    Mitsubishielectric
    ≤ 52
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassDoS
CWE
References

Related vulnerabilities

CVE-2021-20599CRITICAL9.1ten sam produkt

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability i...

CVE-2021-20597CRITICAL9.1ten sam produkt

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU module...

CVE-2021-20594HIGH7.5ten sam produkt

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R se...

CVE-2021-20591HIGH7.5ten sam produkt

Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/...

CVE-2020-5668HIGH7.5ten sam produkt

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '...