Vulnerabilites related to mitsubishielectric - q02phcpu
var-202003-1411
Vulnerability from variot

When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions. Provided by Mitsubishi Electric Corporation MELSEC iQ-R , iQ-F , Q , L , F Of the series MELSOFT Communication port (UDP/IP) Is a resource exhaustion vulnerability (CWE-400) Exists. MELSOFT If a large amount of data is sent to the communication port, the resources will be exhausted and processing will not be performed on that port, which will interfere with service operation. (DoS) It may be in a state. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.MELSOFT If the communication port goes into an unprocessable state, a normal client MELSOFT You will not be able to connect to the communication port. Also, it becomes difficult to connect devices that are communicating on other communication ports. Misubishi Electric MELSEC iQ-R series, etc. are all programmable logic controllers of Japan Mitsubishi Electric (Misubishi Electric) company.

Many Mitsubishi Electric products have resource management error vulnerabilities

Show details on source website

To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1411",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cr800-q",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q25prhcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r32encpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l26cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q12prhcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx3u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx3g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l26cpu-pbt",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q26dhccpu-ls",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r16encpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx5u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l06cpu-p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q12dccpu-v",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q25phcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx3uc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r32cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r120encpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx3s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l26cpu-p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r120cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q02phcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q24dhccpu-ls",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l06cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r08cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q172dscpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r00cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx5uc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l26cpu-bt",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r04encpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l02cpu-p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q24dhccpu-vg2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q12phcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx5uj",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r16cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "fx3gc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q24dhccpu-v",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r01cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r02cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l02cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q06phcpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q173nccpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "q173dscpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r08encpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l02scpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "l02scpu-p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "r04cpu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mitsubishielectric",
        "version": null
      },
      {
        "model": "melsec f series",
        "scope": null,
        "trust": 0.8,
        "vendor": "mitsubishi electric",
        "version": null
      },
      {
        "model": "melsec iq-f series",
        "scope": null,
        "trust": 0.8,
        "vendor": "mitsubishi electric",
        "version": null
      },
      {
        "model": "melsec iq-r series",
        "scope": null,
        "trust": 0.8,
        "vendor": "mitsubishi electric",
        "version": null
      },
      {
        "model": "melsec l series",
        "scope": null,
        "trust": 0.8,
        "vendor": "mitsubishi electric",
        "version": null
      },
      {
        "model": "melsec q series",
        "scope": null,
        "trust": 0.8,
        "vendor": "mitsubishi electric",
        "version": null
      },
      {
        "model": "electric melsec iq-r series",
        "scope": null,
        "trust": 0.6,
        "vendor": "misubishi",
        "version": null
      },
      {
        "model": "electric melsec iq-f series",
        "scope": null,
        "trust": 0.6,
        "vendor": "misubishi",
        "version": null
      },
      {
        "model": "electric melsec q series",
        "scope": null,
        "trust": 0.6,
        "vendor": "misubishi",
        "version": null
      },
      {
        "model": "electric melsec l series",
        "scope": null,
        "trust": 0.6,
        "vendor": "misubishi",
        "version": null
      },
      {
        "model": "electric melsec f series",
        "scope": null,
        "trust": 0.6,
        "vendor": "misubishi",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:mitsubishielectric:melsec_f_series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mitsubishielectric:melsec_iq-f_series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mitsubishielectric:melsec_iq-r_series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mitsubishielectric:melsec_l_series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mitsubishielectric:melsec_q_series",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      }
    ]
  },
  "cve": "CVE-2020-5527",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-5527",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-002958",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-29576",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-5527",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "Low",
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-002958",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-5527",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2020-002958",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-29576",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202003-1699",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions. Provided by Mitsubishi Electric Corporation MELSEC iQ-R \uff0c iQ-F \uff0c Q \uff0c L \uff0c F Of the series MELSOFT Communication port (UDP/IP) Is a resource exhaustion vulnerability (CWE-400) Exists. MELSOFT If a large amount of data is sent to the communication port, the resources will be exhausted and processing will not be performed on that port, which will interfere with service operation. (DoS) It may be in a state. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.MELSOFT If the communication port goes into an unprocessable state, a normal client MELSOFT You will not be able to connect to the communication port. Also, it becomes difficult to connect devices that are communicating on other communication ports. Misubishi Electric MELSEC iQ-R series, etc. are all programmable logic controllers of Japan Mitsubishi Electric (Misubishi Electric) company. \n\r\n\r\nMany Mitsubishi Electric products have resource management error vulnerabilities",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-5527",
        "trust": 3.0
      },
      {
        "db": "JVN",
        "id": "JVNVU91553662",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-091-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.1157",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "id": "VAR-202003-1411",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:02:16.059000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "MELSOFT\u4ea4\u4fe1\u30dd\u30fc\u30c8\uff08UDP/IP\uff09\u306b\u304a\u3051\u308b\u30ea\u30e2\u30fc\u30c8\u30a2\u30af\u30bb\u30b9\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2019-005.pdf"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://jvn.jp/en/vu/jvnvu91553662/index.html"
      },
      {
        "trust": 1.6,
        "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5527"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-091-02"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91553662/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-5527"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.1157/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-05-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "date": "2020-03-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "date": "2020-03-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "date": "2020-03-30T08:15:17.640000",
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-05-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-29576"
      },
      {
        "date": "2020-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      },
      {
        "date": "2020-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      },
      {
        "date": "2024-11-21T05:34:13.020000",
        "db": "NVD",
        "id": "CVE-2020-5527"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Made by Mitsubishi Electric  MELSEC Of the series  MELSOFT Resource exhaustion vulnerability in communication ports",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-002958"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1699"
      }
    ],
    "trust": 0.6
  }
}

Vulnerability from fkie_nvd
Published
2020-03-30 08:15
Modified
2024-11-21 05:34
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
References
vultures@jpcert.or.jphttps://jvn.jp/en/vu/JVNVU91553662/index.htmlThird Party Advisory
vultures@jpcert.or.jphttps://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://jvn.jp/en/vu/JVNVU91553662/index.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdfVendor Advisory
Impacted products
Vendor Product Version
mitsubishielectric cr800-q_firmware -
mitsubishielectric cr800-q -
mitsubishielectric fx3g_firmware -
mitsubishielectric fx3g -
mitsubishielectric fx3gc_firmware -
mitsubishielectric fx3gc -
mitsubishielectric fx3s_firmware -
mitsubishielectric fx3s -
mitsubishielectric fx3u_firmware -
mitsubishielectric fx3u -
mitsubishielectric fx3uc_firmware -
mitsubishielectric fx3uc -
mitsubishielectric fx5u_firmware -
mitsubishielectric fx5u -
mitsubishielectric fx5uc_firmware -
mitsubishielectric fx5uc -
mitsubishielectric fx5uj_firmware -
mitsubishielectric fx5uj -
mitsubishielectric l02cpu_firmware -
mitsubishielectric l02cpu -
mitsubishielectric l02cpu-p_firmware -
mitsubishielectric l02cpu-p -
mitsubishielectric l02scpu_firmware -
mitsubishielectric l02scpu -
mitsubishielectric l02scpu-p_firmware -
mitsubishielectric l02scpu-p -
mitsubishielectric l06cpu_firmware -
mitsubishielectric l06cpu -
mitsubishielectric l06cpu-p_firmware -
mitsubishielectric l06cpu-p -
mitsubishielectric l26cpu_firmware -
mitsubishielectric l26cpu -
mitsubishielectric l26cpu-bt_firmware -
mitsubishielectric l26cpu-bt -
mitsubishielectric l26cpu-p_firmware -
mitsubishielectric l26cpu-p -
mitsubishielectric l26cpu-pbt_firmware -
mitsubishielectric l26cpu-pbt -
mitsubishielectric q02phcpu_firmware -
mitsubishielectric q02phcpu -
mitsubishielectric q06phcpu_firmware -
mitsubishielectric q06phcpu -
mitsubishielectric q12dccpu-v_firmware -
mitsubishielectric q12dccpu-v -
mitsubishielectric q12phcpu_firmware -
mitsubishielectric q12phcpu -
mitsubishielectric q12prhcpu_firmware -
mitsubishielectric q12prhcpu -
mitsubishielectric q172dscpu_firmware -
mitsubishielectric q172dscpu -
mitsubishielectric q173dscpu_firmware -
mitsubishielectric q173dscpu -
mitsubishielectric q173nccpu_firmware -
mitsubishielectric q173nccpu -
mitsubishielectric q24dhccpu-ls_firmware -
mitsubishielectric q24dhccpu-ls -
mitsubishielectric q24dhccpu-v_firmware -
mitsubishielectric q24dhccpu-v -
mitsubishielectric q24dhccpu-vg2_firmware -
mitsubishielectric q24dhccpu-vg2 -
mitsubishielectric q25phcpu_firmware -
mitsubishielectric q25phcpu -
mitsubishielectric q25prhcpu_firmware -
mitsubishielectric q25prhcpu -
mitsubishielectric q26dhccpu-ls_firmware -
mitsubishielectric q26dhccpu-ls -
mitsubishielectric r00cpu_firmware -
mitsubishielectric r00cpu -
mitsubishielectric r01cpu_firmware -
mitsubishielectric r01cpu -
mitsubishielectric r02cpu_firmware -
mitsubishielectric r02cpu -
mitsubishielectric r04cpu_firmware -
mitsubishielectric r04cpu -
mitsubishielectric r04encpu_firmware -
mitsubishielectric r04encpu -
mitsubishielectric r08cpu_firmware -
mitsubishielectric r08cpu -
mitsubishielectric r08encpu_firmware -
mitsubishielectric r08encpu -
mitsubishielectric r120cpu_firmware -
mitsubishielectric r120cpu -
mitsubishielectric r120encpu_firmware -
mitsubishielectric r120encpu -
mitsubishielectric r16cpu_firmware -
mitsubishielectric r16cpu -
mitsubishielectric r16encpu_firmware -
mitsubishielectric r16encpu -
mitsubishielectric r32cpu_firmware -
mitsubishielectric r32cpu -
mitsubishielectric r32encpu_firmware -
mitsubishielectric r32encpu -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:cr800-q_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2A7CBE-E5C3-425E-8B96-68B00D91C78B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:cr800-q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26BB628D-BE6A-493D-8AF3-F0F7C2744D5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx3g_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A1590B-D508-4B52-815C-D2B74DE9BB90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx3g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25D12B9-D2F2-4F42-A227-20B1E65A14CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx3gc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF49EC6-DA86-475E-B67A-50E55F4849B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx3gc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D319713C-7222-429B-87E3-3C4BFCD23E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx3s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1317A-3E2D-4EC1-B3C8-3535DA9E0F67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx3s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2BB478B-D589-45A1-9149-3A76941AE4BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx3u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE6315A-D01D-40B4-B1FD-8E9D4B1F7BA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx3u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E76BD47-E635-48F2-AE04-6682E8AC3766",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx3uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C92EBEF-9479-4E84-9DAF-29D1F9784155",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx3uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A879DAAF-F3F5-4800-9C2F-0C6F38EEFC4D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx5u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00BF039E-A541-4A79-83EC-C5A6779975B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx5u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "599F54D9-E6F4-4244-B251-CDA5213654BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx5uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B8BB34-6DC1-459A-9C82-C54CC44F9D03",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx5uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58019A30-5F53-4E6A-AADA-A002C8B73C24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:fx5uj_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2526AE1D-EE80-4828-AD4B-DD1E985F238B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:fx5uj:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71622C45-9436-4AC0-8DFC-C05E4F92EA61",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l02cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E9318C-B3FA-43A5-8509-285FD1968D6A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l02cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "125482D3-8FA3-4E80-BE4D-29C3C721C624",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l02cpu-p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B0BC24-11B5-4174-8877-966FE4ED959D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC3E9C7-04C0-43F1-99B2-0C2471238A13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l02scpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "739910FB-4D30-4E48-823A-778390DC7691",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l02scpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC87459F-DB5E-4A5F-BFFC-B2026405F74B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l02scpu-p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A0F2373-BC92-42D8-A076-92B6AC32B3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l02scpu-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61414DA7-87A6-421E-B75D-5D4283B54C41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l06cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B804C2-CF55-42C5-BBE2-2035C1FAEF58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l06cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C8CF5F-FFDF-4403-96D0-46A7FECAC5E2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l06cpu-p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23DAE700-6C44-4DB6-83F0-1FC4C687B8F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l06cpu-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "961B56BC-F78C-44CC-885E-3451DFDF29EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C1BC66-A107-4ADA-B0EE-82C71CFEC105",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1884BE8D-FFCD-4089-9F0B-519C8F570FCF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15080C41-2C1F-46E8-920A-EDAE23E6CCB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3966C103-5181-49E3-878F-A0AF9F1DBA76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "361DEFFD-40FD-4B5F-ACFC-A62C165D4072",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFD2A6CD-32DE-49F0-89F4-C130F0809766",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3C588A-1BFF-47B5-A658-EAF93F437E8A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A60BE93D-B60D-4F45-ACD3-7B64C0C45D83",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q02phcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02651218-2B85-4991-8379-0EE3B4B8A291",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q02phcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B20D1BF-244D-4053-AF21-8A4940CC07DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q06phcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BE0617-11A9-45E8-A08B-C07ED0F13FC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q06phcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "209C8EA9-FCF9-4328-ABFC-39E9AD3DED33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q12dccpu-v_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B24F2C-950F-4629-BBA5-ECE4B54A451A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q12dccpu-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBEC354-7543-4351-AD8F-0A501FF9F3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q12phcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1226F70B-39A4-4646-8B4A-366C5AA419C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q12phcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4990FA80-B3FE-4BB5-BBC9-121AD277CEEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q12prhcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3EAE7F3-7923-4D8C-B60A-8391689C1FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q12prhcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4070CA9-B707-4888-B46E-3A158639133B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q172dscpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EFFD6EB-DEC6-480B-A291-5EB06E2595DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q172dscpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD93A14A-0E09-4355-82D0-143A959658D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q173dscpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A75998-BB23-4E99-8970-6BFD73207031",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q173dscpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "597ED633-B087-46BD-832F-0978A5E1958D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q173nccpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31EF117-F724-4F65-828D-43B6490F1CA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q173nccpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3309D461-6E1F-4742-9864-C1C950EA6E6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q24dhccpu-ls_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0D8B0EF-E4A0-49C9-A3A3-2B3853F6A87B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q24dhccpu-ls:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7450DA08-2475-4256-B458-E4164577EF6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q24dhccpu-v_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86321C61-6585-42AC-93AE-3AFE1A304BD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q24dhccpu-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "210A2E8A-BF20-43F5-BA07-CB662833DE1D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q24dhccpu-vg2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DAE5B0E-9453-4440-9671-E9CAF2C4D804",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q24dhccpu-vg2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42B8ADB2-9EF6-4B8D-92E6-B06D129DB399",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q25phcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF11C54C-DB60-4D0E-B427-A751F0EEA933",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q25phcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "329F14BA-2BA2-4C5B-BA00-CFAF007842A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q25prhcpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8999B0E3-8592-490D-8F97-E7A0CF7DD53C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q25prhcpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB1653B-A02B-48BA-9393-BF3337D02E33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:q26dhccpu-ls_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99135DCE-0336-45B4-A04A-30EB50A6F96C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:q26dhccpu-ls:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A79557-71AA-466E-9E1E-EEE00B54386A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BAECA77-FAF2-4A92-AEC4-E9CE6E97191E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r00cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A23F21-9C5F-4CB3-BA20-4195B2165D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "509CC970-A464-4B21-9094-2B0C2CE63F4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r01cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADF6528-4B25-4779-A06F-2C4DF91DAE90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "181FBE97-4AC2-4E5E-B8F3-5990801D2581",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r02cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D753C47-ED9C-453F-AC1F-C50476BE61C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F8AA4E-EA6B-49B8-B370-B4FFEA158C93",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r04cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEEF15E-FE32-4610-9E14-891069573E4D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A76FE2-43E4-4B70-972B-24D68029686F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5862905-F77D-4DEE-88A8-59893362936F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4C04EE-0130-4CD7-94A0-7E007C166B61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r08cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DAA2202-88D5-4329-BF51-0F18C350C45C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4395FC87-A7E6-4023-A3D7-EE2BE1889214",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B85DAD9-7F5B-4740-94A3-94835D82CE3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0639C212-1596-4B3F-BDA9-722D43119F5E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r120cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF7D08E-D3D1-48D4-9440-B94B7A2BD662",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E817A24C-8299-428E-B31B-F9921B6677AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "411C7828-D7C7-4B42-82E3-CAC21C15951C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4EDB93E-5A80-4874-8B70-4609137E0120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r16cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30016EA0-FB24-4382-8960-6A75D32C9BD7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9C85A1-0CDE-44FF-ACF2-22DCD0D04B00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F7DE17-AA44-4E78-B07B-3D9F641DF445",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "140158F4-08B3-4BEF-95DE-28A3C272ABB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r32cpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF6EB84-7D97-4606-A90F-9D443CBC4755",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "088D771F-0978-4549-A7AA-A90C79BDA5F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9546A301-8039-4D42-B1A2-AAF6C3C17203",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
    },
    {
      "lang": "es",
      "value": "Cuando el puerto de transmisi\u00f3n de MELSOFT (UDP/IP) de la serie Mitsubishi Electric MELSEC iQ-R (todas las versiones), la serie MELSEC iQ-F (todas las versiones), la serie MELSEC Q (todas las versiones), la serie MELSEC L (todas las versiones) y la serie MELSEC F (todas las versiones), recibe una cantidad masiva de datos por medio de vectores no especificados, un consumo de recursos se presenta y el puerto no procesa los datos apropiadamente. Como resultado, puede caer en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). El proveedor declara que esta vulnerabilidad solo afecta las funciones de comunicaci\u00f3n Ethernet."
    }
  ],
  "id": "CVE-2020-5527",
  "lastModified": "2024-11-21T05:34:13.020",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-03-30T08:15:17.640",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2020-5527
Vulnerability from cvelistv5
Published
2020-03-30 07:10
Modified
2024-08-04 08:30
Severity ?
Summary
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
References
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdfx_refsource_MISC
https://jvn.jp/en/vu/JVNVU91553662/index.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Mitsubishi Electric Corporation MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series Version: MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:30:24.568Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial-of-service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-30T07:10:14",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2020-5527",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mitsubishi Electric Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial-of-service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf",
              "refsource": "MISC",
              "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
            },
            {
              "name": "https://jvn.jp/en/vu/JVNVU91553662/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2020-5527",
    "datePublished": "2020-03-30T07:10:14",
    "dateReserved": "2020-01-06T00:00:00",
    "dateUpdated": "2024-08-04T08:30:24.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}