Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2020-16226

Disclosure Date: September 01, 2020
CVE-2020-16226 CVSS v3 Base Score: 9.8
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
QJ71MES96 all versions
QJ71WS96 all versions
Q06CCPU-V all versions
Q24DHCCPU-V all versions
Q24DHCCPU-VG all versions
R12CCPU-V all versions
RD55UP06-V, all versions
D55UP12-V all versions
RJ71GN11-T2 all versions
RJ71EN71 all versions
QJ71E71-100 all versions
LJ71E71-100 all versions
QJ71MT91 all versions
RD78Gn(n=4,8,16,32,64) all versions
RD78GHV all versions
RD78GHW all versions
NZ2GACP620-60 all versions
NZ2GACP620-300 all versions
NZ2FT-MT all versions
NZ2FT-EIP all versions
Q03UDECPU the first 5 digits of serial number 22081 and prior
QnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior
QnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior
QnUDPVCPU(n=04/06/13/2) the first 5 digits of serial number 22031 and prior
LnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior
L26CPU-(P)BT the first 5 digits of serial number 22051 and prior
RnCPU(n=00/01/02) Version 18 and prior
RnCPU(n=04/08/16/32/120) Version 50 and prior
RnENCPU(n=04/08/16/32/120) Version 50 and prior
RnSFCPU (n=08/16/32/120) all versions
RnPCPU(n=08/16/32/120) all versions
RnPSFCPU(n=08/16/32/120) all versions
FX5U(C)-**M*/** Serial number 17X**** or later: Version 1.210 and prior
FX5U(C)-**M*/** Serial number 179**** and prior: Version 1.070 and prior
FX5UC-32M*/**-TS Version 1.210 and prior
FX5UJ-**M*/** Version 1.000
FX5-ENET all versions
FX5-ENET/IP all versions
FX3U-ENET-ADP all versions
FX3GE-**M*/** all versions
FX3U-ENET all versions
FX3U-ENET-L all versions
FX3U-ENET-P502 all versions
FX5-CCLGN-MS all versions
IU1-1M20-D all versions
LE7-40GU-L all versions
GOT2000 Series GT21 Model all versions
GS Series all versions
GOT1000 Series GT14 Model all versions
GT25-J71GN13-T2 all versions
FR-A800-E Series all versions
FR-F800-E Series all versions
FR-A8NCG Production date August 2020 and prior
FR-E800-EPA Series Production date July 2020 and prior
FR-E800-EPB Series Production date July 2020 and prior
Conveyor Tracking Application all versions
Conveyor Tracking Application all versions
Conveyor Tracking Application all versions
Conveyor Tracking Application all versions
MR-JE-C all versions
MR-J4-TM all versions
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

Products

Weaknesses

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis