CVE-2020-5668
First published: Fri Nov 20 2020(Updated: )
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishielectric R00cpu Firmware | <=19 | |
| Mitsubishielectric R00cpu | ||
| Mitsubishielectric R01cpu Firmware | <=19 | |
| Mitsubishielectric R01cpu | ||
| Mitsubishielectric R02cpu Firmware | <=19 | |
| Mitsubishielectric R02cpu | ||
| Mitsubishielectric R04cpu Firmware | <=51 | |
| Mitsubishielectric R04cpu | ||
| Mitsubishielectric R08cpu Firmware | <=51 | |
| Mitsubishielectric R08cpu | ||
| Mitsubishielectric R16cpu Firmware | <=51 | |
| Mitsubishielectric R16cpu | ||
| Mitsubishielectric R32cpu Firmware | <=51 | |
| Mitsubishielectric R32cpu | ||
| Mitsubishielectric R120cpu Firmware | <=51 | |
| Mitsubishielectric R120cpu | ||
| Mitsubishielectric R08sfcpu Firmware | <=22 | |
| Mitsubishielectric R08sfcpu | ||
| Mitsubishielectric R16sfcpu Firmware | <=22 | |
| Mitsubishielectric R16sfcpu | ||
| Mitsubishielectric R32sfcpu Firmware | <=22 | |
| Mitsubishielectric R32sfcpu | ||
| Mitsubishielectric R120sfcpu Firmware | <=22 | |
| Mitsubishielectric R120sfcpu | ||
| Mitsubishielectric R08pcpu Firmware | <=25 | |
| Mitsubishielectric R08pcpu | ||
| Mitsubishielectric R16pcpu Firmware | <=25 | |
| Mitsubishielectric R16pcpu | ||
| Mitsubishielectric R32pcpu Firmware | <=25 | |
| Mitsubishielectric R32pcpu | ||
| Mitsubishielectric R120pcpu Firmware | <=25 | |
| Mitsubishielectric R120pcpu | ||
| Mitsubishielectric R08psfcpu Firmware | <=06 | |
| Mitsubishielectric R08psfcpu | ||
| Mitsubishielectric R16psfcpu Firmware | <=06 | |
| Mitsubishielectric R16psfcpu | ||
| Mitsubishielectric R32psfcpu Firmware | <=06 | |
| Mitsubishielectric R32psfcpu | ||
| Mitsubishielectric R120psfcpu Firmware | <=06 | |
| Mitsubishielectric R120psfcpu | ||
| Mitsubishielectric Rj71en71 Firmware | <=47 | |
| Mitsubishielectric Rj71en71 | ||
| Mitsubishielectric Rj71gf11-t2 Firmware | <=47 | |
| Mitsubishielectric Rj71gf11-t2 | ||
| Mitsubishielectric Rj72gf15-t2 Firmware | <=07 | |
| Mitsubishielectric Rj72gf15-t2 | ||
| Mitsubishielectric Rj71gp21-sx Firmware | <=47 | |
| Mitsubishielectric Rj71gp21-sx | ||
| Mitsubishielectric Rj71gp21s-sx Firmware | <=47 | |
| Mitsubishielectric Rj71gp21s-sx | ||
| Mitsubishielectric Rj71c24-r2 Firmware | <=47 | |
| Mitsubishielectric Rj71c24-r2 | ||
| Mitsubishielectric Rj71c24-r4 Firmware | <=47 | |
| Mitsubishielectric Rj71c24-r4 | ||
| Mitsubishielectric Rj71gn11-t2 Firmware | <=11 | |
| Mitsubishi Electric RJ71GN11-T2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-5668?
CVE-2020-5668 has a high severity rating due to the potential for uncontrolled resource consumption, which can lead to a denial of service.
How do I fix CVE-2020-5668?
To fix CVE-2020-5668, update your MELSEC iQ-R Series modules to the latest firmware version as recommended by Mitsubishi Electric.
Which versions of MELSEC iQ-R Series modules are affected by CVE-2020-5668?
CVE-2020-5668 affects R00/01/02CPU firmware versions '19' and earlier, R04/08/16/32/120 (EN) CPU firmware versions '51' and earlier, and several other specific firmware versions.
Can CVE-2020-5668 lead to system downtime?
Yes, CVE-2020-5668 can lead to significant system downtime due to resource exhaustion if exploited.
Is there any workaround for CVE-2020-5668?
Currently, the best approach for CVE-2020-5668 is to upgrade to the patched firmware, as there are no cited workarounds for the vulnerability.
- agent/references
- agent/type
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/severity
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mitsubishielectric
- canonical/mitsubishielectric r00cpu firmware
- version/mitsubishielectric r00cpu firmware/19
- canonical/mitsubishielectric r00cpu
- canonical/mitsubishielectric r01cpu firmware
- version/mitsubishielectric r01cpu firmware/19
- canonical/mitsubishielectric r01cpu
- canonical/mitsubishielectric r02cpu firmware
- version/mitsubishielectric r02cpu firmware/19
- canonical/mitsubishielectric r02cpu
- canonical/mitsubishielectric r04cpu firmware
- version/mitsubishielectric r04cpu firmware/51
- canonical/mitsubishielectric r04cpu
- canonical/mitsubishielectric r08cpu firmware
- version/mitsubishielectric r08cpu firmware/51
- canonical/mitsubishielectric r08cpu
- canonical/mitsubishielectric r16cpu firmware
- version/mitsubishielectric r16cpu firmware/51
- canonical/mitsubishielectric r16cpu
- canonical/mitsubishielectric r32cpu firmware
- version/mitsubishielectric r32cpu firmware/51
- canonical/mitsubishielectric r32cpu
- canonical/mitsubishielectric r120cpu firmware
- version/mitsubishielectric r120cpu firmware/51
- canonical/mitsubishielectric r120cpu
- canonical/mitsubishielectric r08sfcpu firmware
- version/mitsubishielectric r08sfcpu firmware/22
- canonical/mitsubishielectric r08sfcpu
- canonical/mitsubishielectric r16sfcpu firmware
- version/mitsubishielectric r16sfcpu firmware/22
- canonical/mitsubishielectric r16sfcpu
- canonical/mitsubishielectric r32sfcpu firmware
- version/mitsubishielectric r32sfcpu firmware/22
- canonical/mitsubishielectric r32sfcpu
- canonical/mitsubishielectric r120sfcpu firmware
- version/mitsubishielectric r120sfcpu firmware/22
- canonical/mitsubishielectric r120sfcpu
- canonical/mitsubishielectric r08pcpu firmware
- version/mitsubishielectric r08pcpu firmware/25
- canonical/mitsubishielectric r08pcpu
- canonical/mitsubishielectric r16pcpu firmware
- version/mitsubishielectric r16pcpu firmware/25
- canonical/mitsubishielectric r16pcpu
- canonical/mitsubishielectric r32pcpu firmware
- version/mitsubishielectric r32pcpu firmware/25
- canonical/mitsubishielectric r32pcpu
- canonical/mitsubishielectric r120pcpu firmware
- version/mitsubishielectric r120pcpu firmware/25
- canonical/mitsubishielectric r120pcpu
- canonical/mitsubishielectric r08psfcpu firmware
- version/mitsubishielectric r08psfcpu firmware/06
- canonical/mitsubishielectric r08psfcpu
- canonical/mitsubishielectric r16psfcpu firmware
- version/mitsubishielectric r16psfcpu firmware/06
- canonical/mitsubishielectric r16psfcpu
- canonical/mitsubishielectric r32psfcpu firmware
- version/mitsubishielectric r32psfcpu firmware/06
- canonical/mitsubishielectric r32psfcpu
- canonical/mitsubishielectric r120psfcpu firmware
- version/mitsubishielectric r120psfcpu firmware/06
- canonical/mitsubishielectric r120psfcpu
- canonical/mitsubishielectric rj71en71 firmware
- version/mitsubishielectric rj71en71 firmware/47
- canonical/mitsubishielectric rj71en71
- canonical/mitsubishielectric rj71gf11-t2 firmware
- version/mitsubishielectric rj71gf11-t2 firmware/47
- canonical/mitsubishielectric rj71gf11-t2
- canonical/mitsubishielectric rj72gf15-t2 firmware
- version/mitsubishielectric rj72gf15-t2 firmware/07
- canonical/mitsubishielectric rj72gf15-t2
- canonical/mitsubishielectric rj71gp21-sx firmware
- version/mitsubishielectric rj71gp21-sx firmware/47
- canonical/mitsubishielectric rj71gp21-sx
- canonical/mitsubishielectric rj71gp21s-sx firmware
- version/mitsubishielectric rj71gp21s-sx firmware/47
- canonical/mitsubishielectric rj71gp21s-sx
- canonical/mitsubishielectric rj71c24-r2 firmware
- version/mitsubishielectric rj71c24-r2 firmware/47
- canonical/mitsubishielectric rj71c24-r2
- canonical/mitsubishielectric rj71c24-r4 firmware
- version/mitsubishielectric rj71c24-r4 firmware/47
- canonical/mitsubishielectric rj71c24-r4
- canonical/mitsubishielectric rj71gn11-t2 firmware
- version/mitsubishielectric rj71gn11-t2 firmware/11
- canonical/mitsubishi electric rj71gn11-t2