Vulnerability identifier: #VU50840

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-20588

CWE-ID: CWE-130

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Setting/monitoring tools for the C Controller module
Other software / Other software solutions
Data Transfer
Other software / Other software solutions
EZSocket
Other software / Other software solutions
MH11 SettingTool Version2
Other software / Other software solutions
CPU Module Logging Configuration Tool
Client/Desktop applications / Software for system administration
CW Configurator
Client/Desktop applications / Software for system administration
Mitsubishi Electric FR Configurator2
Client/Desktop applications / Software for system administration
FR Configurator
Client/Desktop applications / Software for system administration
FR Configurator SW3
Client/Desktop applications / Software for system administration
GT Designer3
Client/Desktop applications / Software for system administration
GX Configurator-DP
Client/Desktop applications / Software for system administration
GX Configurator-QP
Client/Desktop applications / Software for system administration
GX Developer
Client/Desktop applications / Software for system administration
GX LogViewer
Client/Desktop applications / Software for system administration
GX RemoteService-I
Client/Desktop applications / Software for system administration
GX Works2
Client/Desktop applications / Software for system administration
GX Works3
Client/Desktop applications / Software for system administration
M_CommDTM-HART
Client/Desktop applications / Software for system administration
M_CommDTM-IO-Link
Client/Desktop applications / Software for system administration
MELFA-Works
Client/Desktop applications / Software for system administration
MELSOFT EM Software Development Kit (EM Configurator)
Client/Desktop applications / Software for system administration
MELSOFT Navigator
Client/Desktop applications / Software for system administration
MI Configurator
Client/Desktop applications / Software for system administration
MT Works2
Client/Desktop applications / Software for system administration
RT ToolBox2
Client/Desktop applications / Software for system administration
RT ToolBox3
Client/Desktop applications / Software for system administration
SLMP Data Collector
Client/Desktop applications / Software for system administration
GT SoftGOT1000 Version3
Server applications / SCADA systems
GT SoftGOT2000 Version1
Server applications / SCADA systems
MELSEC WinCPU Setting Utility
Operating systems & Components / Operating system package or component
MX Component
Universal components / Libraries / Libraries used by multiple products
Network Interface Board CC IE Control utility
Server applications / Other server solutions
Network Interface Board CC IE Field Utility
Server applications / Other server solutions
Network Interface Board CC-Link Ver.2 Utility
Server applications / Other server solutions
Network Interface Board MNETH utility
Server applications / Other server solutions
PX Developer
Client/Desktop applications / Other client software

Vendor: Mitsubishi Electric

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper handling of length parameter inconsistency. A remote attacker can spoof MELSEC, GOT or FREQROL, return crafted reply packets and cause a denial of service condition on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Setting/monitoring tools for the C Controller module: All versions

CPU Module Logging Configuration Tool: All versions

CW Configurator: All versions

Data Transfer: All versions

EZSocket: All versions

Mitsubishi Electric FR Configurator2: All versions

FR Configurator: All versions

FR Configurator SW3: All versions

GT Designer3: All versions

GT SoftGOT1000 Version3: All versions

GT SoftGOT2000 Version1: All versions

GX Configurator-DP: 7.14Q

GX Configurator-QP: All versions

GX Developer: All versions

GX LogViewer: All versions

GX RemoteService-I: All versions

GX Works2: 1.597X

GX Works3: 1.070Y

M_CommDTM-HART: All versions

M_CommDTM-IO-Link: All versions

MELFA-Works: All versions

MELSEC WinCPU Setting Utility: All versions

MELSOFT EM Software Development Kit (EM Configurator): All versions

MELSOFT Navigator: All versions

MH11 SettingTool Version2: All versions

MI Configurator: All versions

MT Works2: All versions

MX Component: All versions

Network Interface Board CC IE Control utility: All versions

Network Interface Board CC IE Field Utility: All versions

Network Interface Board CC-Link Ver.2 Utility: All versions

Network Interface Board MNETH utility: All versions

PX Developer: All versions

RT ToolBox2: All versions

RT ToolBox3: All versions

SLMP Data Collector: All versions

---

External links
http://jvn.jp/vu/JVNVU92330101/index.html
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-021_en.pdf

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.