CVE Published: 30/10/2020 |
CVE Updated: 04/08/2024 |
CVE Year: 2020 Source: jpcert |
Vendor: Mitsubishi Electric Corporation |
Product: MELSEC iQ-R, Q and L series Status : PUBLISHED
CVE-2020-5652 Description
Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions \'20\' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions \'52\' and earlier, R 08/16/32/120 SFCPU firmware versions \'22\' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number \'22081\' and earlier , Q 03/04/06/13/26 UDVCPU serial number \'22031\' and earlier, Q 04/06/13/26 UDPVCPU serial number \'22031\' and earlier, Q 172/173 DCPU all versions, Q 172/173 DSCPU all versions, Q 170 MCPU all versions, Q 170 MSCPU all versions, L 02/06/26 CPU (-P) and L 26 CPU - (P) BT all versions) allows a remote unauthenticated attacker to stop the Ethernet communication functions of the products via a specially crafted packet, which may lead to a denial of service (DoS) condition .