#VU50840 Improper Handling of Length Parameter Inconsistency in Mitsubishi Electric products - CVE-2021-20588

Vulnerability identifier: #VU50840

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-20588

CWE-ID: CWE-130

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Setting/monitoring tools for the C Controller module
Data Transfer
EZSocket
MH11 SettingTool Version2
CPU Module Logging Configuration Tool
CW Configurator
Mitsubishi Electric FR Configurator2
FR Configurator
FR Configurator SW3
GT Designer3
GX Configurator-DP
GX Configurator-QP
GX Developer
GX LogViewer
GX RemoteService-I
GX Works2
GX Works3
M_CommDTM-HART
M_CommDTM-IO-Link
MELFA-Works
MELSOFT EM Software Development Kit (EM Configurator)
MELSOFT Navigator
MI Configurator
MT Works2
RT ToolBox2
RT ToolBox3
SLMP Data Collector
GT SoftGOT1000 Version3
GT SoftGOT2000 Version1
MELSEC WinCPU Setting Utility
MX Component
Network Interface Board CC IE Control utility
Network Interface Board CC IE Field Utility
Network Interface Board CC-Link Ver.2 Utility
Network Interface Board MNETH utility
PX Developer

Software vendor:
Mitsubishi Electric

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper handling of length parameter inconsistency. A remote attacker can spoof MELSEC, GOT or FREQROL, return crafted reply packets and cause a denial of service condition on the target system.

Install updates from vendor's website.

• https://jvn.jp/vu/JVNVU92330101/index.html
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-021_en.pdf