Risk | High |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2020-5653 CVE-2020-5654 CVE-2020-5655 CVE-2020-5656 CVE-2020-5657 CVE-2020-5658 |
CWE-ID | CWE-119 CWE-384 CWE-476 CWE-284 CWE-88 CWE-399 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
MELSEC iQ-R EtherNet/IP Network Interface Module Hardware solutions / Firmware MELSEC iQ-R PROFINET IO Controller Module Hardware solutions / Firmware MELSEC iQ-R High Speed Data Logger Module Hardware solutions / Firmware MELSEC iQ-R MES Interface Module Hardware solutions / Firmware MELSEC iQ-R OPC UA Server Module Hardware solutions / Firmware |
Vendor | Mitsubishi Electric |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU48070
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5653
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send a specially crafted packet, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48071
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5654
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the session invalidation issue. A remote attacker can send a specially crafted packet and cause a denial of service condition on the target system.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48074
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5655
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48075
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5656
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48076
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5657
CWE-ID:
CWE-88 - Improper Neutralization of Argument Delimiters in a Command
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability due to improper neutralization of argument delimiters in a command. A remote attacker on the local network can send a specially crafted packet and cause a denial-of-service condition or execute arbitrary code.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48077
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-5658
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
This vulnerability affects the following modules of MELSEC iQ-R Series:
Mitigation
Install updates from vendor's website.
Vulnerable software versionsMELSEC iQ-R EtherNet/IP Network Interface Module: 02
MELSEC iQ-R PROFINET IO Controller Module: 01
MELSEC iQ-R High Speed Data Logger Module: 08
MELSEC iQ-R MES Interface Module: 04
MELSEC iQ-R OPC UA Server Module: 04
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-303-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-012_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.