MEDIUM🇵🇱 Wersja polska

CVE-2021-20600

CVSS 5.9v3.1pub. 2021-10-08upd. 2024-11-21

Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up. System reset is required for recovery.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Mitsubishielectric R12ccpu V

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R12ccpu V Firmware

    OS
    Mitsubishielectric
    ≤ 16
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2020-16226CRITICAL9.8ten sam produkt

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious a...

CVE-2020-5531CRITICAL9.8ten sam produkt

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q2...

CVE-2023-6943CRITICAL9.8PL ✓ten sam vendor

Unsafe Reflection w oprogramowaniu Mitsubishi Electric — zdalne wykonanie kodu

CVE-2023-4699CRITICAL10.0ten sam vendor

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series ...

CVE-2023-4562CRITICAL9.1ten sam vendor

Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a...