Vulnerabilities > CVE-2021-20608 - Unspecified vulnerability in Mitsubishielectric GX Works2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sending malicious crafted packets to tamper with the program file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
References
- https://jvn.jp/vu/JVNVU93019896/index.html
- https://jvn.jp/vu/JVNVU93019896/index.html
- https://us-cert.cisa.gov/ics/advisories/icsa-21-350-04
- https://us-cert.cisa.gov/ics/advisories/icsa-21-350-04
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-020_en.pdf
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-020_en.pdf