Vulnerabilities > CVE-2020-5658 - Unspecified vulnerability in Mitsubishielectric products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mitsubishielectric

NVD

Published: 2020-11-02

Updated: 2021-07-21

Summary

Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Melsec IQ Rj71Eip91 Firmware - Mitsubishielectric Melsec IQ Rj71Pn92 Firmware - Mitsubishielectric Melsec IQ Rd81Dl96 Firmware - Mitsubishielectric Melsec IQ Rd81Mes96N Firmware - Mitsubishielectric Melsec IQ Rd81Opc96 Firmware -	5
Hardware	Mitsubishielectric Mitsubishielectric Melsec IQ Rj71Eip91 - Mitsubishielectric Melsec IQ Rj71Pn92 - Mitsubishielectric Melsec IQ Rd81Dl96 - Mitsubishielectric Melsec IQ Rd81Mes96N - Mitsubishielectric Melsec IQ Rd81Opc96 -	5

Summary

Vulnerable Configurations

References