CVE-2020-16850
Summary
| CVE | CVE-2020-16850 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-11-30 22:15:00 UTC |
| Updated | 2021-07-21 11:39:00 UTC |
| Description | Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2. |
Risk And Classification
Problem Types: CWE-20 | CWE-400
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Mitsubishielectric | R00cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R00cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R00cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R01cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R01cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R01cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R02cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R02cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R02cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R04cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R04cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R04cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R08cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R08cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R08cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R08pcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R08pcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R08pcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R08pcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R08sfcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R08sfcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R08sfcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R120cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R120cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R120cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R120pcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R120pcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R120pcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R120pcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R120sfcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R120sfcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R120sfcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R16cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R16cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R16cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R16mtcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R16mtcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R16mtcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R16mtcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R16pcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R16pcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R16pcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R16pcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R16sfcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R16sfcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R16sfcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R32cpu | - | All | All | All |
| Hardware | Mitsubishielectric | R32cpu | - | All | All | All |
| Operating System | Mitsubishielectric | R32cpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R32mtcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R32mtcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R32mtcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R32mtcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R32pcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R32pcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R32pcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R32pcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R32sfcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R32sfcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R32sfcpu Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | R64mtcpu | - | All | All | All |
| Hardware | Mitsubishielectric | R64mtcpu | - | All | All | All |
| Operating System | Mitsubishielectric | R64mtcpu Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | R64mtcpu Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVSS 8.6 DoS Vulnerability in Mitsubishi Electric MELSEC iQ-R Series CPU | MISC | blog.scadafence.com | Third Party Advisory |
| Mitsubishi Electric MELSEC iQ-R Series | CISA | MISC | us-cert.cisa.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590600 Mitsubishi Electric MELSEC iQ-R Series (Update C) Uncontrolled Resource Consumption Vulnerability (ICSA-20-282-02)