CVE-2020-5665

Опубликовано: 14 дек. 2020

Источник: nvd

CVSS3: 7.4

CVSS2: 3.3

EPSS Низкий

Описание

Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.

Ссылки

https://jvn.jp/vu/JVNVU95638588/index.html
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01
Third Party Advisory
US Government Resource
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdf
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdf
Vendor Advisory
https://jvn.jp/vu/JVNVU95638588/index.html
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01
Third Party Advisory
US Government Resource
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdf
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:mitsubishielectric:melsec_iq-f_fx5u_cpu_firmware:*:*:*:*:*:*:*:*

Версия до 1.060 (включая)

cpe:2.3:h:mitsubishielectric:melsec_iq-f_fx5u_cpu:-:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00178

Низкий

7.4 High

CVSS3

3.3 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-r9xw-pv6r-fxr3

github

больше 3 лет назад