high
7.5
CWE
400
Advisory Published
Updated

CVE-2020-5652

First published: Mon Nov 02 2020(Updated: )

Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' and earlier, Q 04/06/13/26 UDPVCPU serial number '22031' and earlier, Q 172/173 DCPU all versions, Q 172/173 DSCPU all versions, Q 170 MCPU all versions, Q 170 MSCPU all versions, L 02/06/26 CPU (-P) and L 26 CPU - (P) BT all versions) allows a remote unauthenticated attacker to stop the Ethernet communication functions of the products via a specially crafted packet, which may lead to a denial of service (DoS) condition .

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
Mitsubishielectric Melsec Q-q04udpvcpu Firmware=22031
Mitsubishielectric Melsec Q-q04udpvcpu
Mitsubishielectric Melsec Q-q06udpvcpu Firmware=22031
Mitsubishielectric Melsec Q-q06udpvcpu
Mitsubishielectric Melsec Q-q13udpvcpu Firmware=22031
Mitsubishielectric Melsec Q-q13udpvcpu
Mitsubishielectric Melsec Q-q26udpvcpu Firmware=22031
Mitsubishielectric Melsec Q-q26udpvcpu
Mitsubishielectric Melsec Q-q03udvcpu Firmware=22031
Mitsubishielectric Melsec Q-q03udvcpu
Mitsubishielectric Melsec Q-q04udvcpu Firmware=22031
Mitsubishielectric Melsec Q-q04udvcpu
Mitsubishielectric Melsec Q-q13udvcpu Firmware=22031
Mitsubishielectric Melsec Q-q13udvcpu
Mitsubishielectric Melsec Q-q26udvcpu Firmware=22031
Mitsubishielectric Melsec Q-q26udvcpu
Mitsubishielectric Melsec Q-q03udecpu Firmware=22081
Mitsubishielectric Melsec Q-q03udecpu
Mitsubishielectric Melsec Q-q04udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q04udehcpu
Mitsubishielectric Melsec Q-q06udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q06udehcpu
Mitsubishielectric Melsec Q-q10udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q10udehcpu
Mitsubishielectric Melsec Q-q13udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q13udehcpu
Mitsubishielectric Melsec Q-q20udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q20udehcpu
Mitsubishielectric Melsec Q-q26udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q26udehcpu
Mitsubishielectric Melsec Q-q50udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q50udehcpu
Mitsubishielectric Melsec Q-q100udehcpu Firmware=22081
Mitsubishielectric Melsec Q-q100udehcpu
Mitsubishielectric Melsec Iq-r08sfcpu Firmware=22
Mitsubishielectric Melsec Iq-r08sfcpu
Mitsubishielectric Melsec Iq-r16sfcpu Firmware=22
Mitsubishielectric Melsec Iq-r16sfcpu
Mitsubishielectric Melsec Iq-r32sfcpu Firmware=22
Mitsubishielectric Melsec Iq-r32sfcpu
Mitsubishielectric Melsec Iq-r120sfcpu Firmware=22
Mitsubishielectric Melsec Iq-r120sfcpu
Mitsubishielectric Melsec Iq-r04encpu Firmware=52
Mitsubishielectric Melsec Iq-r04encpu
Mitsubishielectric Melsec Iq-r08encpu Firmware=52
Mitsubishielectric Melsec Iq-r08encpu
Mitsubishielectric Melsec Iq-r16encpu Firmware=52
Mitsubishielectric Melsec Iq-r16encpu
Mitsubishielectric Melsec Iq-r32encpu Firmware=52
Mitsubishielectric Melsec Iq-r32encpu
Mitsubishielectric Melsec Iq-r120encpu Firmware=52
Mitsubishielectric Melsec Iq-r120encpu
Mitsubishielectric Melsec Iq-r00cpu Firmware=20
Mitsubishielectric Melsec Iq-r00cpu
Mitsubishielectric Melsec Iq-r01cpu Firmware=20
Mitsubishielectric Melsec Iq-r01cpu
Mitsubishielectric Melsec Iq-r02cpu Firmware=20
Mitsubishielectric Melsec Iq-r02cpu
Mitsubishielectric Melsec Iq-r08pcpu Firmware
Mitsubishielectric Melsec Iq-r08pcpu
Mitsubishielectric Melsec Iq-r08psfcpu Firmware
Mitsubishielectric Melsec Iq-r08psfcpu
Mitsubishielectric Melsec Iq-r120pcpu Firmware
Mitsubishielectric Melsec Iq-r120pcpu
Mitsubishielectric Melsec Iq-r120psfcpu Firmware
Mitsubishielectric Melsec Iq-r120psfcpu
Mitsubishielectric Melsec Iq-r16mtcpu Firmware
Mitsubishielectric Melsec Iq-r16mtcpu
Mitsubishielectric Melsec Iq-r16pcpu Firmware
Mitsubishielectric Melsec Iq-r16pcpu
Mitsubishielectric Melsec Iq-r16psfcpu Firmware
Mitsubishielectric Melsec Iq-r16psfcpu
Mitsubishielectric Melsec Iq-r32mtcpu Firmware
Mitsubishielectric Melsec Iq-r32mtcpu
Mitsubishielectric Melsec Iq-r32pcpu Firmware
Mitsubishielectric Melsec Iq-r32pcpu
Mitsubishielectric Melsec Iq-r32psfcpu Firmware
Mitsubishielectric Melsec Iq-r32psfcpu
Mitsubishielectric Melsec Iq-r64mtcpu Firmware
Mitsubishielectric Melsec Iq-r64mtcpu
Mitsubishielectric Melsec L02cpu-p Firmware
Mitsubishielectric Melsec L02cpu-p
Mitsubishielectric Melsec L06cpu-p Firmware
Mitsubishielectric Melsec L06cpu-p
Mitsubishielectric Melsec L26cpu-p Firmware
Mitsubishielectric Melsec L26cpu-p
Mitsubishielectric Melsec L26cpu-pbt Firmware
Mitsubishielectric Melsec L26cpu-pbt
Mitsubishielectric Melsec Q-q170mcpu Firmware
Mitsubishielectric Melsec Q-q170mcpu
Mitsubishielectric Melsec Q-q170mscpu-s1 Firmware
Mitsubishielectric Melsec Q-q170mscpu-s1
Mitsubishielectric Melsec Q-q172dcpu-s1 Firmware
Mitsubishielectric Melsec Q-q172dcpu-s1
Mitsubishielectric Melsec Q-q172dscpu Firmware
Mitsubishielectric Melsec Q-q172dscpu
Mitsubishielectric Melsec Q-q173dcpu-s1 Firmware
Mitsubishielectric Melsec Q-q173dcpu-s1
Mitsubishielectric Melsec Q-q173dscpu Firmware
Mitsubishielectric Melsec Q-q173dscpu
Mitsubishielectric Melsec Q-qmr-mq100 Firmware
Mitsubishielectric Melsec Q-qmr-mq100

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203