Vulnerabilities > CVE-2021-20596 - NULL Pointer Dereference vulnerability in Mitsubishielectric products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mitsubishielectric

CWE-476

NVD

Published: 2021-07-22

Updated: 2021-08-02

Summary

NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Fx3U Enet P502 Firmware - Mitsubishielectric Fx3U Enet L Firmware - Mitsubishielectric Fx3U Enet Firmware -	3

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References