CVE-2021-20610
Published: Dec 1, 2021
Modified: Aug 3, 2024
CVSS v3.1
7.5
Description
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.
| Vendor | Product | Versions |
|---|---|---|
Mitsubishi Electric Corporation | MELSEC iQ-R Series R00CPU | affected Firmware versions "24" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R01CPU | affected Firmware versions "24" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R02CPU | affected Firmware versions "24" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R04CPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08CPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16CPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32CPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120CPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R04ENCPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08ENCPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16ENCPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32ENCPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120ENCPU | affected Firmware versions "57" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08SFCPU | affected Firmware versions "26" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16SFCPU | affected Firmware versions "26" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32SFCPU | affected Firmware versions "26" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120SFCPU | affected Firmware versions "26" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08PCPU | affected Firmware versions "29" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16PCPU | affected Firmware versions "29" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32PCPU | affected Firmware versions "29" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120PCPU | affected Firmware versions "29" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R08PSFCPU | affected Firmware versions "08" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16PSFCPU | affected Firmware versions "08" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32PSFCPU | affected Firmware versions "08" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R120PSFCPU | affected Firmware versions "08" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R16MTCPU | affected Operating system software version "23" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R32MTCPU | affected Operating system software version "23" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R64MTCPU | affected Operating system software version "23" and prior |
Mitsubishi Electric Corporation | MELSEC iQ-R Series R12CCPU-V | affected Firmware versions "16" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q03UDECPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q04UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q06UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q10UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q13UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q20UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q26UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q50UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q100UDEHCPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q03UDVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q04UDVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q06UDVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q13UDVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q26UDVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q04UDPVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q06UDPVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q13UDPVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q26UDPVCPU | affected The first 5 digits of serial No. "23071" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q12DCCPU-V | affected The first 5 digits of serial No. "24031" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q24DHCCPU-V | affected The first 5 digits of serial No. "24031" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q24DHCCPU-VG | affected The first 5 digits of serial No. "24031" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q24DHCCPU-LS | affected The first 5 digits of serial No. "24031" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q26DHCCPU-LS | affected The first 5 digits of serial No. "24031" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series MR-MQ100 | affected Operating system software version "F" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q172DCPU-S1 | affected Operating system software version "W" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q173DCPU-S1 | affected Operating system software version "W" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q172DSCPU | affected Operating system software version "Y" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q173DSCPU | affected Operating system software version "Y" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q170MCPU | affected Operating system software version "W" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q170MSCPU | affected Operating system software version "Y" and prior |
Mitsubishi Electric Corporation | MELSEC Q Series Q170MSCPU-S1 | affected Operating system software version "Y" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L02CPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L06CPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L26CPU | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L02CPU-P | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L06CPU-P | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L26CPU-P | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L26CPU-BT | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELSEC L Series L26CPU-PBT | affected The first 5 digits of serial No. "23121" and prior |
Mitsubishi Electric Corporation | MELIPC Series MI5122-VW | affected Firmware versions "05" and prior |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now