Lucene search

MitsubishiCVE-2021-20586

HistoryJan 29, 2021 - 3:15 p.m.

CVE-2021-20586

2021-01-2915:15:12

Mitsubishi

web.nvd.nist.gov

cve

2021

20586

vulnerability

robot controller

melfa fr series

melfa cr series

assista

remote attacker

dos

resource management errors

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.6%

JSON

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller “CR800-VD” of RV-FR**-D-* all versions, controller "CR800-HD" of RH-FRH*-D-* all versions, controller "CR800-HRD" of RH-FRHR*-D-* all versions, controller “CR800-VR with R16RTCPU” of RV-FR**-R-* all versions, controller "CR800-HR with R16RTCPU" of RH-FRH*-R-* all versions, controller "CR800-HRR with R16RTCPU" of RH-FRHR*-R-* all versions, controller “CR800-VQ with Q172DSRCPU” of RV-FR**-Q-* all versions, controller "CR800-HQ with Q172DSRCPU" of RH-FRH*-Q-* all versions, controller "CR800-HRQ with Q172DSRCPU" of RH-FRHR*-Q-* all versions) and a robot controller of MELFA CR Series(controller “CR800-CVD” of RV-8CRL-D-* all versions, controller “CR800-CHD” of RH-CRH*-D-* all versions) as well as a cooperative robot ASSISTA(controller “CR800-05VD” of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time. As a result of DoS, an error may occur. A reset is required to recover it if the error occurs.

Affected configurations

Nvd

Node

mitsubishielectricrv2frMatch-

AND

mitsubishielectricrv2fr_firmware

Node

mitsubishielectricrv2frlMatch-

AND

mitsubishielectricrv2frl_firmware

Node

mitsubishielectricrv4frMatch-

AND

mitsubishielectricrv4fr_firmware

Node

mitsubishielectricrv4frlMatch-

AND

mitsubishielectricrv4frl_firmware

Node

mitsubishielectricrv7frMatch-

AND

mitsubishielectricrv7fr_firmware

Node

mitsubishielectricrv7frlMatch-

AND

mitsubishielectricrv7frl_firmware

Node

mitsubishielectricrv7frllMatch-

AND

mitsubishielectricrv7frll_firmware

Node

mitsubishielectricrv13frMatch-

AND

mitsubishielectricrv13fr_firmware

Node

mitsubishielectricrv13frl_firmware

AND

mitsubishielectricrv13frlMatch-

Node

mitsubishielectricrv20fr_firmware

AND

mitsubishielectricrv20frMatch-

Node

mitsubishielectricrh1frhr_firmware

AND

mitsubishielectricrh1frhrMatch-

Node

mitsubishielectricrh3frhr_firmware

AND

mitsubishielectricrh3frhrMatch-

Node

mitsubishielectricrh3frh35_firmware

AND

mitsubishielectricrh3frh35Match-

Node

mitsubishielectricrh3frh45_firmware

AND

mitsubishielectricrh3frh45Match-

Node

mitsubishielectricrh3frh55_firmware

AND

mitsubishielectricrh3frh55Match-

Node

mitsubishielectricrh6frh35_firmware

AND

mitsubishielectricrh6frh35Match-

Node

mitsubishielectricrh6frh45_firmware

AND

mitsubishielectricrh6frh45Match-

Node

mitsubishielectricrh6frh55_firmware

AND

mitsubishielectricrh6frh55Match-

Node

mitsubishielectricrh12frh55_firmware

AND

mitsubishielectricrh12frh55Match-

Node

mitsubishielectricrh12rfh70_firmware

AND

mitsubishielectricrh12rfh70Match-

Node

mitsubishielectricrh12frh85_firmware

AND

mitsubishielectricrh12frh85Match-

Node

mitsubishielectricrh20frh85_firmware

AND

mitsubishielectricrh20frh85Match-

Node

mitsubishielectricrh20frh100_firmware

AND

mitsubishielectricrh20frh100Match-

Node

mitsubishielectricrv2fr\(b\)_firmware

AND

mitsubishielectricrv2fr\(b\)Match-

Node

mitsubishielectricrv2frl\(b\)_firmware

AND

mitsubishielectricrv2frl\(b\)Match-

Node

mitsubishielectricrv4frm\/c_firmware

AND

mitsubishielectricrv4frm\/cMatch-

Node

mitsubishielectricrv4frlm\/c_firmware

AND

mitsubishielectricrv4frlm\/cMatch-

Node

mitsubishielectricrv7frm\/c_firmware

AND

mitsubishielectricrv7frm\/cMatch-

Node

mitsubishielectricrv7frlm\/c_firmware

AND

mitsubishielectricrv7frlm\/cMatch-

Node

mitsubishielectricrv7frllm\/c_firmware

AND

mitsubishielectricrv7frllm\/cMatch-

Node

mitsubishielectricrv13frm\/c_firmware

AND

mitsubishielectricrv13frm\/cMatch-

Node

mitsubishielectricrv13frlm\/c_firmware

AND

mitsubishielectricrv13frlm\/cMatch-

Node

mitsubishielectricrv20frm\/c_firmware

AND

mitsubishielectricrv20frm\/cMatch-

VendorProductVersionCPE
mitsubishielectricrv2fr-cpe:2.3:h:mitsubishielectric:rv2fr:-:*:*:*:*:*:*:*
mitsubishielectricrv2fr_firmware*cpe:2.3:o:mitsubishielectric:rv2fr_firmware:*:*:*:*:*:*:*:*
mitsubishielectricrv2frl-cpe:2.3:h:mitsubishielectric:rv2frl:-:*:*:*:*:*:*:*
mitsubishielectricrv2frl_firmware*cpe:2.3:o:mitsubishielectric:rv2frl_firmware:*:*:*:*:*:*:*:*
mitsubishielectricrv4fr-cpe:2.3:h:mitsubishielectric:rv4fr:-:*:*:*:*:*:*:*
mitsubishielectricrv4fr_firmware*cpe:2.3:o:mitsubishielectric:rv4fr_firmware:*:*:*:*:*:*:*:*
mitsubishielectricrv4frl-cpe:2.3:h:mitsubishielectric:rv4frl:-:*:*:*:*:*:*:*
mitsubishielectricrv4frl_firmware*cpe:2.3:o:mitsubishielectric:rv4frl_firmware:*:*:*:*:*:*:*:*
mitsubishielectricrv7fr-cpe:2.3:h:mitsubishielectric:rv7fr:-:*:*:*:*:*:*:*
mitsubishielectricrv7fr_firmware*cpe:2.3:o:mitsubishielectric:rv7fr_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mitsubishielectric	rv2fr	-	cpe:2.3:h:mitsubishielectric:rv2fr:-:::::::*
mitsubishielectric	rv2fr_firmware	*	cpe:2.3:o:mitsubishielectric:rv2fr_firmware::::::::
mitsubishielectric	rv2frl	-	cpe:2.3:h:mitsubishielectric:rv2frl:-:::::::*
mitsubishielectric	rv2frl_firmware	*	cpe:2.3:o:mitsubishielectric:rv2frl_firmware::::::::
mitsubishielectric	rv4fr	-	cpe:2.3:h:mitsubishielectric:rv4fr:-:::::::*
mitsubishielectric	rv4fr_firmware	*	cpe:2.3:o:mitsubishielectric:rv4fr_firmware::::::::
mitsubishielectric	rv4frl	-	cpe:2.3:h:mitsubishielectric:rv4frl:-:::::::*
mitsubishielectric	rv4frl_firmware	*	cpe:2.3:o:mitsubishielectric:rv4frl_firmware::::::::
mitsubishielectric	rv7fr	-	cpe:2.3:h:mitsubishielectric:rv7fr:-:::::::*
mitsubishielectric	rv7fr_firmware	*	cpe:2.3:o:mitsubishielectric:rv7fr_firmware::::::::

Rows per page:

1-10 of 661

CNA Affected

[
  {
    "product": "Robot Controller MELFA FR Series; Robot Controller CR Series; Cooperative Robot ASSISTA",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Controller \"CR800-*V*D\" of RV-*FR***-D-* all versions, Controller \"CR800-*HD\" of RH-*FRH***-D-* all versions, Controller \"CR800-*HRD\" of RH-*FRHR***-D-* all versions, Controller \"CR800-*V*R with R16RTCPU\" of RV-*FR***-R-* all versions, Controller \"CR800-*HR with R16RTCPU\" of RH-*FRH***-R-* all versions, Controller \"CR800-*HRR with R16RTCPU\" of RH-*FRHR***-R-* all versions, Controller \"CR800-*V*Q with Q172DSRCPU\" of RV-*FR***-Q-* all versions, Controller \"CR800-*HQ with Q172DSRCPU\" of RH-*FRH***-Q-* all versions, Controller \"CR800-*HRQ with Q172DSRCPU\" of RH-*FRHR***-Q-* all versions"
      },
      {
        "status": "affected",
        "version": "Controller \"CR800-CVD\" of RV-8CRL-D-* all versions, Controller \"CR800-CHD\" of RH-*CRH**-D-* all versions"
      },
      {
        "status": "affected",
        "version": "Controller \"CR800-05VD\" of RV-5AS-D-* all versions"
      }
    ]
  }
]

References

www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-019_en.pdf

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.6%

JSON

Related for CVE-2021-20586