Lucene search
K

122 matches found

Cvelist
Cvelist
added 2020/11/20 3:30 a.m.48 views

CVE-2020-5668

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 EN CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier,...

7.5AI score0.04731EPSS
Exploits0References4
ICS
ICS
added 2020/11/19 7:0 a.m.90 views

Mitsubishi Electric MELSEC iQ-R Series (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

7.8CVSS7.6AI score0.02117EPSS
Exploits0References10
ICS
ICS
added 2020/11/19 12:0 a.m.83 views

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-324-05...

7.8CVSS7.6AI score0.04731EPSS
Exploits0References4
Prion
Prion
added 2020/11/16 1:15 a.m.12 views

Design/Logic Flaw

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120ENCPU Firmware versions from '35' to '51' allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may...

7.1CVSS7.4AI score0.08397EPSS
Exploits0References4Affected Software8
Cvelist
Cvelist
added 2020/11/16 12:49 a.m.19 views

CVE-2020-5666

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120ENCPU Firmware versions from '35' to '51' allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may...

7.5AI score0.08397EPSS
Exploits0References4
NVD
NVD
added 2020/11/02 9:15 p.m.19 views

CVE-2020-5657

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

6.5CVSS7.3AI score0.0105EPSS
Exploits0References3
NVD
NVD
added 2020/11/02 9:15 p.m.20 views

CVE-2020-5656

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

9.8CVSS9.5AI score0.02933EPSS
Exploits0References3
NVD
NVD
added 2020/11/02 9:15 p.m.27 views

CVE-2020-5653

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...

9.8CVSS9.6AI score0.0317EPSS
Exploits0References3
NVD
NVD
added 2020/11/02 9:15 p.m.22 views

CVE-2020-5654

Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96...

7.5CVSS8AI score0.02703EPSS
Exploits0References3
Prion
Prion
added 2020/11/02 9:15 p.m.18 views

Null pointer dereference

NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

5CVSS7.9AI score0.0291EPSS
Exploits0References3
Prion
Prion
added 2020/11/02 9:15 p.m.20 views

Session fixation

Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96...

5CVSS7.9AI score0.02703EPSS
Exploits0References3
Prion
Prion
added 2020/11/02 9:15 p.m.17 views

Buffer overflow

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...

7.5CVSS9.5AI score0.0317EPSS
Exploits0References3
Prion
Prion
added 2020/11/02 9:15 p.m.21 views

Improper access control

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

7.5CVSS9.4AI score0.02933EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.27 views

CVE-2020-5658

Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

7.5AI score0.02885EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.28 views

CVE-2020-5657

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

6.6AI score0.0105EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.34 views

CVE-2020-5655

NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

7.5AI score0.0291EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.24 views

CVE-2020-5656

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...

9.5AI score0.02933EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.27 views

CVE-2020-5654

Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96...

7.5AI score0.02703EPSS
Exploits0References3
Prion
Prion
added 2020/06/10 8:15 p.m.22 views

Design/Logic Flaw

Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to...

7.8CVSS7.3AI score0.03336EPSS
Exploits0References3Affected Software12
CVE
CVE
added 2020/06/10 7:53 p.m.65 views

CVE-2020-13238

CVE-2020-13238 affects Mitsubishi Electric MELSEC iQ-R Series PLCs. A specially crafted, unauthenticated network packet can cause an uncontrolled resource consumption (DoS) at the Ethernet port, leading to a halt of the industrial process. Recovery requires physical access to the PLC. Affected de...

7.8CVSS7.3AI score0.03336EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder