CVE-2020-5527
First published: Mon Mar 30 2020(Updated: )
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishi Electric CR800-Q | ||
| Mitsubishi Electric CR800-Q | ||
| Mitsubishi Electric FX3G Firmware | ||
| Mitsubishi Electric FX3G | ||
| Mitsubishi Electric FX3GC Firmware | ||
| Mitsubishi Electric FX3GC Firmware | ||
| Mitsubishi Electric FX3S Firmware | ||
| Mitsubishi Electric FX3S Firmware | ||
| Mitsubishi Electric FX3U Firmware | ||
| Mitsubishi Electric FX3U Firmware | ||
| Mitsubishielectric Fx3uc Firmware | ||
| Mitsubishielectric Fx3uc Firmware | ||
| Mitsubishi Electric FX5U Firmware | ||
| Mitsubishi Electric FX5U | ||
| Mitsubishielectric Fx5uc Firmware | ||
| Mitsubishielectric Fx5uc Firmware | ||
| Mitsubishi Electric FX5UJ Firmware | ||
| Mitsubishi Electric FX5UJ | ||
| Mitsubishi Melsec L02CPU-P Firmware | ||
| Mitsubishi Electric L02CPU | ||
| Mitsubishi Electric Melsec L02CPU-P Firmware | ||
| Mitsubishi Electric Melsec L02CPU-P | ||
| Mitsubishi Electric L02SC CPU | ||
| Mitsubishi Electric L02SC CPU | ||
| Mitsubishi Electric L02SC CPU | ||
| Mitsubishi Electric L02SC CPU | ||
| Mitsubishi Melsec L06CPU(-P) Firmware | ||
| Mitsubishi Electric L06CPU | ||
| Mitsubishielectric Melsec L06cpu-p Firmware | ||
| Mitsubishi Electric Melsec L06CPU-P | ||
| Mitsubishi Electric L26CPU Firmware | ||
| Mitsubishi Electric L26CPU | ||
| Mitsubishi Electric L26CPU-BT | ||
| Mitsubishi Electric L26CPU-BT | ||
| Mitsubishi Electric Melsec L26CPU-P Firmware | ||
| Mitsubishi Electric Melsec L26CPU-P | ||
| Mitsubishi Electric Melsec L26CPU-PBT Firmware | ||
| Mitsubishielectric Melsec L26cpu-pbt | ||
| Mitsubishielectric Q02phcpu | ||
| Mitsubishi Electric Q02PHCPU Firmware | ||
| Mitsubishi Electric Q06PHCPU | ||
| Mitsubishielectric Q06phcpu Firmware | ||
| Mitsubishielectric Q12dccpu-v | ||
| Mitsubishielectric Q12dccpu-v Firmware | ||
| Mitsubishielectric Q12phcpu Firmware | ||
| Mitsubishi Electric Q12PHCPU | ||
| Mitsubishi Electric Q12PRHCPU | ||
| Mitsubishielectric Q12prhcpu Firmware | ||
| Mitsubishi Electric Q172DSCPU Firmware | ||
| Mitsubishi Electric Q172DSCPU Firmware | ||
| Mitsubishi Electric Q173DScpu Firmware | ||
| Mitsubishi Electric Q173DScpu Firmware | ||
| Mitsubishi Electric Q173NCCPU | ||
| Mitsubishi Electric Q173NCCPU | ||
| Mitsubishi Electric Q24DHCCPU-LS | ||
| Mitsubishi Electric Q24DHCCPU-LS | ||
| Mitsubishi Melsec Q24dhccpu-v(g) Firmware | ||
| Mitsubishi Electric Q24DHCCPU-V | ||
| Mitsubishi Electric Q24DHCCPU-VG2 | ||
| Mitsubishielectric Q24dhccpu-vg2 Firmware | ||
| Mitsubishi Electric Q25PHCPU | ||
| Mitsubishi Electric Q25PHCPU | ||
| Mitsubishielectric Q25prhcpu | ||
| Mitsubishielectric Q25prhcpu Firmware | ||
| Mitsubishi Electric Q26DHCCPU-LS | ||
| Mitsubishielectric Q26dhccpu-ls Firmware | ||
| Mitsubishi Electric R00CPU Firmware | ||
| Mitsubishi Electric R00CPU | ||
| Mitsubishi Electric R01CPU | ||
| Mitsubishi Electric R01CPU | ||
| Mitsubishielectric R02cpu | ||
| Mitsubishielectric R02cpu Firmware | ||
| Mitsubishi Electric R04CPU | ||
| Mitsubishi Electric R04CPU | ||
| Mitsubishi Electric Rnencpu (n=04/08/16/32/120) Firmware | ||
| Mitsubishielectric R04encpu Firmware | ||
| Mitsubishi Electric R08CPU Firmware | ||
| Mitsubishi Electric R08CPU Firmware | ||
| Mitsubishielectric R08encpu Firmware | ||
| Mitsubishielectric R08encpu Firmware | ||
| Mitsubishi Electric R120CPU | ||
| Mitsubishi Electric R120PCPU | ||
| Mitsubishi Electric R120ENCPU | ||
| Mitsubishi Electric R120ENCPU | ||
| Mitsubiushi Electric R16cpu Firmware | ||
| Mitsubishi Electric R16CPU | ||
| Mitsubishielectric R16encpu | ||
| Mitsubishielectric R16encpu Firmware | ||
| Mitsubishielectric R32cpu | ||
| Mitsubishielectric R32cpu Firmware | ||
| Mitsubishi Electric R32 ENCPU | ||
| Mitsubishi Electric R32 encpu |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-5527?
The CVE-2020-5527 vulnerability is classified with a high severity level due to its potential to allow resource exhaustion.
How do I fix CVE-2020-5527?
To fix CVE-2020-5527, update the firmware of your affected Mitsubishi Electric MELSEC devices to the latest version provided by the vendor.
Which Mitsubishi Electric MELSEC series are affected by CVE-2020-5527?
CVE-2020-5527 affects the MELSEC iQ-R, iQ-F, Q, L, and F series of Mitsubishi Electric controllers.
How does CVE-2020-5527 impact MELSEC devices?
CVE-2020-5527 impacts MELSEC devices by enabling massive data input through UDP/IP, potentially leading to resource exhaustion.
Is there any known exploit for CVE-2020-5527?
As of now, there is no publicly known exploit specifically targeting CVE-2020-5527.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/mitsubishielectric
- canonical/mitsubishi electric cr800-q
- canonical/mitsubishi electric fx3g firmware
- canonical/mitsubishi electric fx3g
- canonical/mitsubishi electric fx3gc firmware
- canonical/mitsubishi electric fx3s firmware
- canonical/mitsubishi electric fx3u firmware
- canonical/mitsubishielectric fx3uc firmware
- canonical/mitsubishi electric fx5u firmware
- canonical/mitsubishi electric fx5u
- canonical/mitsubishielectric fx5uc firmware
- canonical/mitsubishi electric fx5uj firmware
- canonical/mitsubishi electric fx5uj
- canonical/mitsubishi melsec l02cpu-p firmware
- canonical/mitsubishi electric l02cpu
- canonical/mitsubishi electric melsec l02cpu-p firmware
- canonical/mitsubishi electric melsec l02cpu-p
- canonical/mitsubishi electric l02sc cpu
- canonical/mitsubishi melsec l06cpu(-p) firmware
- canonical/mitsubishi electric l06cpu
- canonical/mitsubishielectric melsec l06cpu-p firmware
- canonical/mitsubishi electric melsec l06cpu-p
- canonical/mitsubishi electric l26cpu firmware
- canonical/mitsubishi electric l26cpu
- canonical/mitsubishi electric l26cpu-bt
- canonical/mitsubishi electric melsec l26cpu-p firmware
- canonical/mitsubishi electric melsec l26cpu-p
- canonical/mitsubishi electric melsec l26cpu-pbt firmware
- canonical/mitsubishielectric melsec l26cpu-pbt
- canonical/mitsubishielectric q02phcpu
- canonical/mitsubishi electric q02phcpu firmware
- canonical/mitsubishi electric q06phcpu
- canonical/mitsubishielectric q06phcpu firmware
- canonical/mitsubishielectric q12dccpu-v
- canonical/mitsubishielectric q12dccpu-v firmware
- canonical/mitsubishielectric q12phcpu firmware
- canonical/mitsubishi electric q12phcpu
- canonical/mitsubishi electric q12prhcpu
- canonical/mitsubishielectric q12prhcpu firmware
- canonical/mitsubishi electric q172dscpu firmware
- canonical/mitsubishi electric q173dscpu firmware
- canonical/mitsubishi electric q173nccpu
- canonical/mitsubishi electric q24dhccpu-ls
- canonical/mitsubishi melsec q24dhccpu-v(g) firmware
- canonical/mitsubishi electric q24dhccpu-v
- canonical/mitsubishi electric q24dhccpu-vg2
- canonical/mitsubishielectric q24dhccpu-vg2 firmware
- canonical/mitsubishi electric q25phcpu
- canonical/mitsubishielectric q25prhcpu
- canonical/mitsubishielectric q25prhcpu firmware
- canonical/mitsubishi electric q26dhccpu-ls
- canonical/mitsubishielectric q26dhccpu-ls firmware
- canonical/mitsubishi electric r00cpu firmware
- canonical/mitsubishi electric r00cpu
- canonical/mitsubishi electric r01cpu
- canonical/mitsubishielectric r02cpu
- canonical/mitsubishielectric r02cpu firmware
- canonical/mitsubishi electric r04cpu
- canonical/mitsubishi electric rnencpu (n=04/08/16/32/120) firmware
- canonical/mitsubishielectric r04encpu firmware
- canonical/mitsubishi electric r08cpu firmware
- canonical/mitsubishielectric r08encpu firmware
- canonical/mitsubishi electric r120cpu
- canonical/mitsubishi electric r120pcpu
- canonical/mitsubishi electric r120encpu
- canonical/mitsubiushi electric r16cpu firmware
- canonical/mitsubishi electric r16cpu
- canonical/mitsubishielectric r16encpu
- canonical/mitsubishielectric r16encpu firmware
- canonical/mitsubishielectric r32cpu
- canonical/mitsubishielectric r32cpu firmware
- canonical/mitsubishi electric r32 encpu