Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2021-20610

Disclosure Date: December 01, 2021
CVE-2021-20610 CVSS v3 Base Score: 7.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
MELSEC iQ-R Series R00CPU Firmware versions "24" and prior
MELSEC iQ-R Series R01CPU Firmware versions "24" and prior
MELSEC iQ-R Series R02CPU Firmware versions "24" and prior
MELSEC iQ-R Series R04CPU Firmware versions "57" and prior
MELSEC iQ-R Series R08CPU Firmware versions "57" and prior
MELSEC iQ-R Series R16CPU Firmware versions "57" and prior
MELSEC iQ-R Series R32CPU Firmware versions "57" and prior
MELSEC iQ-R Series R120CPU Firmware versions "57" and prior
MELSEC iQ-R Series R04ENCPU Firmware versions "57" and prior
MELSEC iQ-R Series R08ENCPU Firmware versions "57" and prior
MELSEC iQ-R Series R16ENCPU Firmware versions "57" and prior
MELSEC iQ-R Series R32ENCPU Firmware versions "57" and prior
MELSEC iQ-R Series R120ENCPU Firmware versions "57" and prior
MELSEC iQ-R Series R08SFCPU Firmware versions "26" and prior
MELSEC iQ-R Series R16SFCPU Firmware versions "26" and prior
MELSEC iQ-R Series R32SFCPU Firmware versions "26" and prior
MELSEC iQ-R Series R120SFCPU Firmware versions "26" and prior
MELSEC iQ-R Series R08PCPU Firmware versions "29" and prior
MELSEC iQ-R Series R16PCPU Firmware versions "29" and prior
MELSEC iQ-R Series R32PCPU Firmware versions "29" and prior
MELSEC iQ-R Series R120PCPU Firmware versions "29" and prior
MELSEC iQ-R Series R08PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R16PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R32PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R120PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R16MTCPU Operating system software version "23" and prior
MELSEC iQ-R Series R32MTCPU Operating system software version "23" and prior
MELSEC iQ-R Series R64MTCPU Operating system software version "23" and prior
MELSEC iQ-R Series R12CCPU-V Firmware versions "16" and prior
MELSEC Q Series Q03UDECPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q04UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q06UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q10UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q13UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q20UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q26UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q50UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q100UDEHCPU The first 5 digits of serial No. "23121" and prior
MELSEC Q Series Q03UDVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q04UDVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q06UDVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q13UDVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q26UDVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q04UDPVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q06UDPVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q13UDPVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q26UDPVCPU The first 5 digits of serial No. "23071" and prior
MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. "24031" and prior
MELSEC Q Series Q24DHCCPU-V The first 5 digits of serial No. "24031" and prior
MELSEC Q Series Q24DHCCPU-VG The first 5 digits of serial No. "24031" and prior
MELSEC Q Series Q24DHCCPU-LS The first 5 digits of serial No. "24031" and prior
MELSEC Q Series Q26DHCCPU-LS The first 5 digits of serial No. "24031" and prior
MELSEC Q Series MR-MQ100 Operating system software version "F" and prior
MELSEC Q Series Q172DCPU-S1 Operating system software version "W" and prior
MELSEC Q Series Q173DCPU-S1 Operating system software version "W" and prior
MELSEC Q Series Q172DSCPU Operating system software version "Y" and prior
MELSEC Q Series Q173DSCPU Operating system software version "Y" and prior
MELSEC Q Series Q170MCPU Operating system software version "W" and prior
MELSEC Q Series Q170MSCPU Operating system software version "Y" and prior
MELSEC Q Series Q170MSCPU-S1 Operating system software version "Y" and prior
MELSEC L Series L02CPU The first 5 digits of serial No. "23121" and prior
MELSEC L Series L06CPU The first 5 digits of serial No. "23121" and prior
MELSEC L Series L26CPU The first 5 digits of serial No. "23121" and prior
MELSEC L Series L02CPU-P The first 5 digits of serial No. "23121" and prior
MELSEC L Series L06CPU-P The first 5 digits of serial No. "23121" and prior
MELSEC L Series L26CPU-P The first 5 digits of serial No. "23121" and prior
MELSEC L Series L26CPU-BT The first 5 digits of serial No. "23121" and prior
MELSEC L Series L26CPU-PBT The first 5 digits of serial No. "23121" and prior
MELIPC Series MI5122-VW Firmware versions "05" and prior
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

Products

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis