Lucene search

[email protected]NVD:CVE-2020-14521

HistoryFeb 11, 2022 - 6:15 p.m.

CVE-2020-14521

2022-02-1118:15:08

CWE-428

CWE-276

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

72.2%

JSON

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Affected configurations

NVD

Node

mitsubishielectricc_controller_interface_module_utility

mitsubishielectricc_controller_module_setting_and_monitoring_tool

mitsubishielectriccc-link_ie_control_network_data_collectorMatch1.00a

mitsubishielectriccc-link_ie_field_network_data_collectorMatch1.00a

mitsubishielectriccc-link_ie_tsn_data_collectorMatch1.00a

mitsubishielectriccpu_module_logging_configuration_toolRange≤1.100e

mitsubishielectriccw_configuratorRange≤1.010l

mitsubishielectricdata_transferRange≤3.42u

mitsubishielectricezsocketRange≤5.1

mitsubishielectricfr_configurator_sw3

mitsubishielectricfr_configurator2

mitsubishielectricgt_designer2_classic

mitsubishielectricgt_softgot1000Range3.0–3.200j

mitsubishielectricgt_softgot2000Range1.0–1.241b

mitsubishielectricgx_developerRange≤8.504a

mitsubishielectricgx_logviewerRange≤1.100e

mitsubishielectricgx_works2Range≤1.601b

mitsubishielectricgx_works3Range≤1.063r

mitsubishielectricm_commdtm-io-link

mitsubishielectricmelfa-worksRange≤4.4

mitsubishielectricmelsec_wincpu_setting_utility

mitsubishielectricmelsoft_complete_clean_up_toolRange≤1.06g

mitsubishielectricmelsoft_em_software_development_kit

mitsubishielectricmelsoft_iq_appportalRange≤1.17t

mitsubishielectricmelsoft_navigatorRange≤2.74c

mitsubishielectricmi_configurator

mitsubishielectricmotion_control_settingRange≤1.005f

mitsubishielectricmotorizerRange≤1.005f

mitsubishielectricmr_configurator2Range≤1.125f

mitsubishielectricmt_works2Range≤1.167z

mitsubishielectricmtconnect_data_collectorRange≤1.1.4.0

mitsubishielectricmx_componentRange≤4.20w

mitsubishielectricmx_mesinterfaceRange≤1.21x

mitsubishielectricmx_mesinterface-rRange≤1.12n

mitsubishielectricmx_sheetRange≤2.15r

mitsubishielectricposition_board_utility_2

mitsubishielectricpx_developerRange≤1.53f

mitsubishielectricrt_toolbox2Range≤3.73b

mitsubishielectricrt_toolbox3Range≤1.82l

mitsubishielectricsetting\/monitoring_tools_for_the_c_controller_module

mitsubishielectricslmp_data_collectorRange≤1.04e

Node

mitsubishielectricgt_designer3Range≤1.241b

AND

mitsubishielectricgot1000_series_gt10Match-

mitsubishielectricgot1000_series_gt11Match-

mitsubishielectricgot1000_series_gt12Match-

mitsubishielectricgot1000_series_gt14Match-

mitsubishielectricgot1000_series_gt15Match-

mitsubishielectricgot1000_series_gt16Match-

mitsubishielectricgot1000_series_gt21Match-

mitsubishielectricgot1000_series_gt23Match-

mitsubishielectricgot1000_series_gt25Match-

mitsubishielectricgot1000_series_gt27Match-

Node

mitsubishielectricnetwork_interface_board_cc-link_ver.2_utility_firmware

AND

mitsubishielectricnetwork_interface_board_cc-link_ver.2_utilityMatch-

Node

mitsubishielectricnetwork_interface_board_cc_ie_control_utility_firmware

AND

mitsubishielectricnetwork_interface_board_cc_ie_control_utilityMatch-

Node

mitsubishielectricnetwork_interface_board_cc_ie_field_utility_firmware

AND

mitsubishielectricnetwork_interface_board_cc_ie_field_utilityMatch-

Node

mitsubishielectricnetwork_interface_board_mneth_utility_firmware

AND

mitsubishielectricnetwork_interface_board_mneth_utilityMatch-

References

www.cisa.gov/uscert/ics/advisories/icsa-20-212-04

www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-007_en.pdf

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

72.2%

JSON

Related for NVD:CVE-2020-14521

cvelist1 cve1 prion1 ics1 nessus1