#VU58465 Improper Handling of Length Parameter Inconsistency in Mitsubishi Electric Hardware solutions


Published: 2021-12-01

Vulnerability identifier: #VU58465

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-20610

CWE-ID: CWE-130

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MELSEC iQ-R 00 CPU
Hardware solutions / Firmware
MELSEC iQ-R 01 CPU
Hardware solutions / Firmware
MELSEC iQ-R 02 CPU
Hardware solutions / Firmware
MELSEC iQ-Q 172 DCPU-S1
Hardware solutions / Firmware
MELSEC iQ-R 120 PCPU
Hardware solutions / Firmware
MELSEC iQ-R 32 PCPU
Hardware solutions / Firmware
MELSEC iQ-R 16 PCPU
Hardware solutions / Firmware
MELSEC iQ-R 08 PCPU
Hardware solutions / Firmware
MELSEC iQ-Q 100 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 50 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 26 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 20 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 13 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 10 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 06 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-Q 04 UDEHCPU
Hardware solutions / Firmware
MELSEC iQ-R 04 (EN) CPU
Hardware solutions / Firmware
MELSEC iQ-R 08 (EN) CPU
Hardware solutions / Firmware
MELSEC iQ-R 16 (EN) CPU
Hardware solutions / Firmware
MELSEC iQ-R 32 (EN) CPU
Hardware solutions / Firmware
MELSEC iQ-R 120 (EN) CPU
Hardware solutions / Firmware
MELSEC iQ-R 120 SFCPU
Hardware solutions / Firmware
MELSEC iQ-R 32 SFCPU
Hardware solutions / Firmware
MELSEC iQ-R 16 SFCPU
Hardware solutions / Firmware
MELSEC iQ-R 08 SFCPU
Hardware solutions / Firmware
MELSEC iQ-R 120 PSFCPU
Hardware solutions / Firmware
MELSEC iQ-R 32 PSFCPU
Hardware solutions / Firmware
MELSEC iQ-R 16 PSFCPU
Hardware solutions / Firmware
MELSEC iQ-R 08 PSFCPU
Hardware solutions / Firmware
MELSEC iQ-R 64 MTCPU
Hardware solutions / Firmware
MELSEC iQ-R 32 MTCPU
Hardware solutions / Firmware
MELSEC iQ-R 16 MTCPU
Hardware solutions / Firmware
MELSEC iQ-Q 26 UDVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 13 UDVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 06 UDVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 04 UDVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 03 UDVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 26 UDPVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 13 UDPVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 06 UDPVCPU
Hardware solutions / Firmware
MELSEC iQ-Q 04 UDPVCPU
Hardware solutions / Firmware
MELSEC Q Series Q12DCCPU-V
Hardware solutions / Firmware
MELSEC Q Series Q24DHCCPU-V(G)
Hardware solutions / Firmware
MELSEC Q Series Q24/26DHCCPU-LS
Hardware solutions / Firmware
MELSEC iQ-Q MR-MQ100
Hardware solutions / Firmware
MELSEC Q Series Q172 DCPU-S1
Hardware solutions / Firmware
MELSEC Q Series Q173DCPU-S1
Hardware solutions / Firmware
MELSEC iQ-Q 173 DSCPU
Hardware solutions / Firmware
MELSEC iQ-Q 172 DSCPU
Hardware solutions / Firmware
MELSEC Q Series Q170MCPU
Hardware solutions / Firmware
MELSEC Q Series Q170MSCPU(-S1)
Hardware solutions / Firmware
MELSEC L Series L26CPU-(P)BT
Hardware solutions / Firmware
MELSEC L Series L26CPU(-P)
Hardware solutions / Firmware
MELSEC L Series L06(-P)
Hardware solutions / Firmware
MELSEC L Series L02(-P)
Hardware solutions / Firmware
MELIPC Series MI5122-VW
Hardware solutions / Firmware
MELSEC-Q Q03UDECPU
Hardware solutions / Routers & switches, VoIP, GSM, etc
MELSEC iQ-R Series C R12CCPU-V
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Mitsubishi Electric

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the affected product parses a formatted message or structure but does not handle, or incorrectly handles, a length field that is inconsistent with the actual length of the associated data. A remote attacker can perform a denial of service (DoS) attack.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

MELSEC iQ-R 00 CPU: 24

MELSEC iQ-R 01 CPU: 24

MELSEC iQ-R 02 CPU: 24

MELSEC iQ-Q 172 DCPU-S1: All versions

MELSEC iQ-R 120 PCPU: 29

MELSEC iQ-R 32 PCPU: 29

MELSEC iQ-R 16 PCPU: 29

MELSEC iQ-R 08 PCPU: 29

MELSEC iQ-Q 100 UDEHCPU: All versions

MELSEC iQ-Q 50 UDEHCPU: All versions

MELSEC iQ-Q 26 UDEHCPU: All versions

MELSEC iQ-Q 20 UDEHCPU: All versions

MELSEC iQ-Q 13 UDEHCPU: All versions

MELSEC iQ-Q 10 UDEHCPU: All versions

MELSEC iQ-Q 06 UDEHCPU: All versions

MELSEC iQ-Q 04 UDEHCPU: All versions

MELSEC-Q Q03UDECPU: All versions

MELSEC iQ-R 04 (EN) CPU: 57

MELSEC iQ-R 08 (EN) CPU: 57

MELSEC iQ-R 16 (EN) CPU: 57

MELSEC iQ-R 32 (EN) CPU: 57

MELSEC iQ-R 120 (EN) CPU: 57

MELSEC iQ-R 120 SFCPU: All versions

MELSEC iQ-R 32 SFCPU: All versions

MELSEC iQ-R 16 SFCPU: All versions

MELSEC iQ-R 08 SFCPU: All versions

MELSEC iQ-R 120 PSFCPU: All versions

MELSEC iQ-R 32 PSFCPU: All versions

MELSEC iQ-R 16 PSFCPU: All versions

MELSEC iQ-R 08 PSFCPU: All versions

MELSEC iQ-R 64 MTCPU: All versions

MELSEC iQ-R 32 MTCPU: All versions

MELSEC iQ-R 16 MTCPU: All versions

MELSEC iQ-R Series C R12CCPU-V: All versions

MELSEC iQ-Q 26 UDVCPU: 23071

MELSEC iQ-Q 13 UDVCPU: 23071

MELSEC iQ-Q 06 UDVCPU: 23071

MELSEC iQ-Q 04 UDVCPU: 23071

MELSEC iQ-Q 03 UDVCPU: 23071

MELSEC iQ-Q 26 UDPVCPU: 23071

MELSEC iQ-Q 13 UDPVCPU: 23071

MELSEC iQ-Q 06 UDPVCPU: 23071

MELSEC iQ-Q 04 UDPVCPU: 23071

MELSEC Q Series Q12DCCPU-V: All versions

MELSEC Q Series Q24DHCCPU-V(G): All versions

MELSEC Q Series Q24/26DHCCPU-LS: All versions

MELSEC iQ-Q MR-MQ100: All versions

MELSEC Q Series Q172 DCPU-S1: All versions

MELSEC Q Series Q173DCPU-S1: All versions

MELSEC iQ-Q 173 DSCPU: All versions

MELSEC iQ-Q 172 DSCPU: All versions

MELSEC Q Series Q170MCPU: All versions

MELSEC Q Series Q170MSCPU(-S1): All versions

MELSEC L Series L26CPU-(P)BT: All versions

MELSEC L Series L26CPU(-P): All versions

MELSEC L Series L06(-P): All versions

MELSEC L Series L02(-P): All versions

MELIPC Series MI5122-VW: All versions


External links
http://ics-cert.us-cert.gov/advisories/icsa-21-334-02
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-019_en.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

