← Back

CVE-2020-13238

nvd nist
Published: Jun 10, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production.

Affected (21)

Mitsubishielectric
21 products
Melsec Iq R00cpu Firmware
Melsec Iq R01cpu Firmware
Melsec Iq R02cpu Firmware
Melsec Iq R04cpu Firmware
Melsec Iq R08cpu Firmware
Melsec Iq R16cpu Firmware
Melsec Iq R32cpu Firmware
Melsec Iq R120cpu Firmware
Melsec Iq R08fcpu Firmware
Melsec Iq R16fcpu Firmware
Melsec Iq R32fcpu Firmware
Melsec Iq R120fcpu Firmware
Melsec Iq R08pcpu Firmware
Melsec Iq R16pcpu Firmware
Melsec Iq R32pcpu Firmware
Melsec Iq R120pcpu Firmware
Melsec Iq R08sfcpu Firmware
Melsec Iq R16sfcpu Firmware
Melsec Iq R32sfcpu Firmware
Melsec Iq R120sfcpu Firmware
Melsec Iq Rj71en71 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R00cpu Firmware
Up to 7
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R00cpu
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R01cpu Firmware
Up to 7
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R01cpu
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R02cpu Firmware
Up to 7
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R02cpu
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R04cpu Firmware
Up to 39
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R04cpu
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R08cpu Firmware
Up to 39
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R08cpu
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R16cpu Firmware
Up to 39
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R16cpu
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R32cpu Firmware
Up to 39
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R32cpu
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R120cpu Firmware
Up to 39
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R120cpu
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R08fcpu Firmware
Up to 20
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R08fcpu
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R16fcpu Firmware
Up to 20
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R16fcpu
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R32fcpu Firmware
Up to 20
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R32fcpu
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R120fcpu Firmware
Up to 20
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R120fcpu
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R08pcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R08pcpu
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R16pcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R16pcpu
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R32pcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R32pcpu
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R120pcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R120pcpu
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R08sfcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R08sfcpu
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R16sfcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R16sfcpu
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R32sfcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R32sfcpu
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq R120sfcpu Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq R120sfcpu
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Melsec Iq Rj71en71 Firmware
All versions
Running on/withPlatform Versions
Mitsubishielectric
Melsec Iq Rj71en71
All versions

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (6)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.