Vulnerabilities > CVE-2021-20612 - Unspecified vulnerability in Mitsubishielectric products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mitsubishielectric

NVD

Published: 2022-01-14

Updated: 2023-08-08

Summary

Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Fx3U Enet Firmware - Mitsubishielectric Fx3U Enet L Firmware - Mitsubishielectric Fx3U Enet P502 Firmware -	3
Hardware	Mitsubishielectric Mitsubishielectric Fx3U Enet - Mitsubishielectric Fx3U Enet L - Mitsubishielectric Fx3U Enet P502 -	3

Summary

Vulnerable Configurations

References