Denial of service in Mitsubishi Electric MELSEC-Q Series and MELSEC-L CPU Modules

Published: 2019-11-11 | Updated: 2019-11-11
Severity Medium
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2019-13555
CWE ID CWE-400
Exploitation vector Network
Public exploit N/A
Vulnerable software Q03UDVCPU
Q04UDVCPU
Q06UDVCPU
Q13UDVCPU
Q26UDVCPU
Q04UDPVCPU
Q06UDPVCPU
Q13UDPVCPU
Q26UDPVCPU
MELSEC-Q Q03UDECPU
Q04UDEHCPU
Q06UDEHCPU
Q10UDEHCPU
Q13UDEHCPU
Q20UDEHCPU
Q26UDEHCPU
Q50UDEHCPU
Q100UDEHCPU
MELSEC-L L02CPU
MELSEC-L L06CPU
MELSEC-L L26CPU
MELSEC-L L26CPU-BT
MELSEC-L L02CPU-P
MELSEC-L L06CPU-P
MELSEC-L L26CPU-P
MELSEC-L L26CPU-PBT
MELSEC-L L02CPU-CM
MELSEC-L L06CPU-CM
MELSEC-L L26CPU-CM
MELSEC-L L26CPU-BT-CM
Vendor Mitsubishi Electric

Security Advisory

This security advisory describes one medium risk vulnerability.

1) Resource exhaustion

Severity: Medium

CVSSv3: 6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-13555

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper resource management in the FTP service of the affected CPU modules. A remote attacker who connects to the FTP server at a particular moment can trigger resource exhaustion and leave the FTP service in a denial-of-service condition; whether the condition is reached depends on the timing of the attacker's connection.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Q03UDVCPU: -, 21081

Q04UDVCPU: -, 21081

Q06UDVCPU: -, 21081

Q13UDVCPU: -, 21081

Q26UDVCPU: -, 21081

Q04UDPVCPU: -, 21081

Q06UDPVCPU: -, 21081

Q13UDPVCPU: -, 21081

Q26UDPVCPU: -, 21081

MELSEC-Q Q03UDECPU: -, 21081

Q04UDEHCPU: -, 21081

Q06UDEHCPU: -, 21081

Q10UDEHCPU: -, 21081

Q13UDEHCPU: -, 21081

Q20UDEHCPU: -, 21081

Q26UDEHCPU: -, 21081

Q50UDEHCPU: -, 21081

Q100UDEHCPU: -, 21081

MELSEC-L L02CPU: -, 21101

MELSEC-L L06CPU: -, 21101

MELSEC-L L26CPU: -, 21101

MELSEC-L L26CPU-BT: -, 21101

MELSEC-L L02CPU-P: -, 21101

MELSEC-L L06CPU-P: -, 21101

MELSEC-L L26CPU-P: -, 21101

MELSEC-L L26CPU-PBT: -, 21101

MELSEC-L L02CPU-CM: -, 21101

MELSEC-L L06CPU-CM: -, 21101

MELSEC-L L26CPU-CM: -, 21101

MELSEC-L L26CPU-BT-CM: -, 21101
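As an added defender-side check, not part of the advisory or of any Mitsubishi Electric tooling, the script below compares an asset inventory against the affected ranges listed above. It assumes that "-, 21081" and "-, 21101" mean every serial number up to and including those values, and that the number compared is the first five digits of the module's serial number as printed on its label; the inventory entries are constructed.

```python
# Added example: triage an inventory of MELSEC-Q / MELSEC-L CPU modules against
# the affected serial-number ranges from this advisory (CVE-2019-13555).
# Assumption: "-, 21081" / "-, 21101" mean "up to and including" that value, and
# the value compared is the first five digits of the module's label serial number.
# Keys are model names without the "MELSEC-Q" / "MELSEC-L" series prefix.

AFFECTED_MAX_SERIAL = {
    **{m: 21081 for m in (
        "Q03UDVCPU", "Q04UDVCPU", "Q06UDVCPU", "Q13UDVCPU", "Q26UDVCPU",
        "Q04UDPVCPU", "Q06UDPVCPU", "Q13UDPVCPU", "Q26UDPVCPU",
        "Q03UDECPU", "Q04UDEHCPU", "Q06UDEHCPU", "Q10UDEHCPU", "Q13UDEHCPU",
        "Q20UDEHCPU", "Q26UDEHCPU", "Q50UDEHCPU", "Q100UDEHCPU")},
    **{m: 21101 for m in (
        "L02CPU", "L06CPU", "L26CPU", "L26CPU-BT",
        "L02CPU-P", "L06CPU-P", "L26CPU-P", "L26CPU-PBT",
        "L02CPU-CM", "L06CPU-CM", "L26CPU-CM", "L26CPU-BT-CM")},
}


def is_affected(model, serial):
    """True if this model/serial pair falls inside the advisory's affected range.
    Models not listed in this advisory return False (other advisories may still apply)."""
    limit = AFFECTED_MAX_SERIAL.get(model.strip().upper())
    if limit is None:
        return False
    digits = str(serial).strip()[:5]   # first five digits of the label serial
    if not digits.isdigit():
        raise ValueError(f"cannot parse serial number: {serial!r}")
    return int(digits) <= limit


def triage(inventory):
    """inventory: iterable of (asset_name, model, serial).
    Returns the asset names that need the firmware update."""
    return [name for name, model, serial in inventory if is_affected(model, serial)]


# Constructed sample inventory; asset names, serials and the OTHER-CPU model are made up.
SAMPLE_INVENTORY = [
    ("plc-line1", "Q06UDVCPU", "21081"),       # at the upper bound -> affected
    ("plc-line2", "Q06UDVCPU", "21082"),       # one above the bound -> not affected
    ("plc-pack1", "L26CPU-BT", "2110100000"),  # full label serial, first 5 digits 21101 -> affected
    ("plc-pack2", "l06cpu", "21102"),          # lowercase model, above the bound -> not affected
    ("plc-misc", "OTHER-CPU", "19000"),        # model not covered by this advisory
]

if __name__ == "__main__":
    for name in triage(SAMPLE_INVENTORY):
        print(f"{name}: firmware update required (CVE-2019-13555)")
```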

External links

https://ics-cert.us-cert.gov/advisories/icsa-19-311-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.