Vulnerabilities > CVE-2020-5531 - Unspecified vulnerability in Mitsubishielectric products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

mitsubishielectric

NVD

Published: 2020-02-17

Updated: 2020-03-04

Summary

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 21121 or before), MELSEC iQ-R Series C Controller Module / C Intelligent Function Module(R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number 11 or before, and RD55UP06-V Ethernet port: First 2 digits of serial number 08 or before), and MELIPC Series MI5000(MI5122-VW Ethernet port (CH1): First 2 digits of serial number 03 or before, or the firmware version 03 or before) allow remote attackers to cause a denial of service and/or malware being executed via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Mi5122 VW Firmware * Mitsubishielectric Q24Dhccpu V Firmware * Mitsubishielectric Q24Dhccpu VG Firmware * Mitsubishielectric R12Ccpu V Firmware * Mitsubishielectric Rd55Up06 V Firmware *	5
Hardware	Mitsubishielectric Mitsubishielectric Mi5122 VW - Mitsubishielectric Q24Dhccpu V - Mitsubishielectric Q24Dhccpu VG - Mitsubishielectric R12Ccpu V - Mitsubishielectric Rd55Up06 V -	5

Summary

Vulnerable Configurations

References