Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-5603
HistoryJun 30, 2020 - 11:15 a.m.

CVE-2020-5603

2020-06-3011:15:11
CWE-400
[email protected]
web.nvd.nist.gov
27
cve-2020-5603
mitsubishi electoric
fa engineering software
denial of service
dos
vulnerability
security
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON

Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator) Ver. 1.010L and earlier, GT Designer3 (GOT2000) Ver. 1.221F and earlier, GX LogViewer Ver. 1.96A and earlier, GX Works2 Ver. 1.586L and earlier, GX Works3 Ver. 1.058L and earlier, M_CommDTM-HART Ver. 1.00A, M_CommDTM-IO-Link Ver. 1.02C and earlier, MELFA-Works Ver. 4.3 and earlier, MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool Ver.1.004E and earlier, MELSOFT FieldDeviceConfigurator Ver. 1.03D and earlier, MELSOFT iQ AppPortal Ver. 1.11M and earlier, MELSOFT Navigator Ver. 2.58L and earlier, MI Configurator Ver. 1.003D and earlier, Motion Control Setting Ver. 1.005F and earlier, MR Configurator2 Ver. 1.72A and earlier, MT Works2 Ver. 1.156N and earlier, RT ToolBox2 Ver. 3.72A and earlier, and RT ToolBox3 Ver. 1.50C and earlier) allows an attacker to cause a denial of service (DoS) condition attacks via unspecified vectors.

Affected configurations

NVD
Node
mitsubishielectriccpu_module_logging_configuration_toolRange1.94y
OR
mitsubishielectriccw_configuratorRange1.010l
OR
mitsubishielectricem_configuratorRange1.010l
OR
mitsubishielectricgt_designer3Range1.221f
OR
mitsubishielectricgx_logviewerRange1.100e
OR
mitsubishielectricgx_works2Range1.590q
OR
mitsubishielectricgx_works3Range1.060n
OR
mitsubishielectricm_commdtm-hartRange1.01b
OR
mitsubishielectricm_commdtm-io-linkRange1.03d
OR
mitsubishielectricmelfa-worksRange4.4
OR
mitsubishielectricmelsec-l_flexible_high-speed_i\/o_control_module_configuration_toolRange1.005f
OR
mitsubishielectricmelsoft_fielddeviceconfiguratorRange1.04e
OR
mitsubishielectricmelsoft_iq_appportalRange1.14q
OR
mitsubishielectricmelsoft_navigatorRange2.62q
OR
mitsubishielectricmi_configuratorRange1.004e
OR
mitsubishielectricmotion_control_settingRange1.006g
OR
mitsubishielectricmr_configurator2Range1.100e
OR
mitsubishielectricmt_works2Range1.160s
OR
mitsubishielectricrt_toolbox2Range3.73b
OR
mitsubishielectricrt_toolbox3Range1.60n
CPENameOperatorVersion
mitsubishielectric:cpu_module_logging_configuration_toolmitsubishielectric cpu module logging configuration toolle1.94y
mitsubishielectric:cw_configuratormitsubishielectric cw configuratorle1.010l
mitsubishielectric:em_configuratormitsubishielectric em configuratorle1.010l
mitsubishielectric:gt_designer3mitsubishielectric gt designer3le1.221f
mitsubishielectric:gx_logviewermitsubishielectric gx logviewerle1.100e
mitsubishielectric:gx_works2mitsubishielectric gx works2le1.590q
mitsubishielectric:gx_works3mitsubishielectric gx works3le1.060n
mitsubishielectric:m_commdtm-hartmitsubishielectric m commdtm-hartle1.01b
mitsubishielectric:m_commdtm-io-linkmitsubishielectric m commdtm-io-linkle1.03d
mitsubishielectric:melfa-worksmitsubishielectric melfa-worksle4.4
Rows per page:
1-10 of 201

CNA Affected

[
  {
    "product": "Mitsubishi Electoric FA Engineering Software",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator) Ver. 1.010L and earlier, GT Designer3 (GOT2000) Ver. 1.221F and earlier, GX LogViewer Ver. 1.96A and earlier, GX Works2 Ver. 1.586L and earlier, GX Works3 Ver. 1.058L and earlier, M_CommDTM-HART Ver. 1.00A, M_CommDTM-IO-Link Ver. 1.02C and earlier, MELFA-Works Ver. 4.3 and earlier, MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool Ver.1.004E and earlier, MELSOFT FieldDeviceConfigurator Ver. 1.03D and earlier, MELSOFT iQ AppPortal Ver. 1.11M and earlier, MELSOFT Navigator Ver. 2.58L and earlier, MI Configurator Ver. 1.003D and earlier, Motion Control Setting Ver. 1.005F and earlier, MR Configurator2 Ver. 1.72A and earlier, MT Works2 Ver. 1.156N and earlier, RT ToolBox2 Ver. 3.72A and earlier, and RT ToolBox3 Ver. 1.50C and earlier"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
nessus 1
ics 1
cvelist
cvelist
CVE-2020-5603
2020-06-30 10:20:45
prion
prion
Design/Logic Flaw
2020-06-30 11:15:00
nvd
nvd
CVE-2020-5603
2020-06-30 11:15:11
nessus
nessus
Mitsubishi (CVE-2020-5603) (deprecated)
2022-02-07 00:00:00
ics
ics
Mitsubishi Electric Factory Automation Engineering Software Products
2020-06-30 12:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON
Related for CVE-2020-5603
cvelist1prion1nvd1nessus1ics1