CVE-2021-20596
Summary
| CVE | CVE-2021-20596 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-07-22 12:15:00 UTC |
|---|
| Updated | 2021-08-02 14:25:00 UTC |
|---|
| Description | NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-006_en.pdf |
MISC |
www.mitsubishielectric.com |
|
| Mitsubishi Electric MELSEC-F Series | CISA |
MISC |
us-cert.cisa.gov |
Third Party Advisory |
| JVNVU#94348759: 三菱電機製 MELSEC F シリーズ Ethernet インタフェースブロックにおける NULL ポインタ参照の脆弱性 |
MISC |
jvn.jp |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590654 Mitsubishi Electric MELSEC-F Series Denial of Service (DoS) Vulnerability (ICSA-21-201-01)
