CVE-2021-20613
Summary
| CVE | CVE-2021-20613 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-01-14 20:15:00 UTC |
| Updated | 2022-01-21 18:04:00 UTC |
| Description | Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. |
Risk And Classification
Problem Types: CWE-665
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Mitsubishielectric | Fx3u-enet | - | All | All | All |
| Hardware | Mitsubishielectric | Fx3u-enet-l | - | All | All | All |
| Operating System | Mitsubishielectric | Fx3u-enet-l Firmware | All | All | All | All |
| Hardware | Mitsubishielectric | Fx3u-enet-p502 | - | All | All | All |
| Operating System | Mitsubishielectric | Fx3u-enet-p502 Firmware | All | All | All | All |
| Operating System | Mitsubishielectric | Fx3u-enet Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVNVU#93268332: MELSEC FシリーズEthernetインタフェースブロックにおける複数の脆弱性 | MISC | jvn.jp | |
| www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-024_en.pdf | MISC | www.mitsubishielectric.com | |
| Mitsubishi Electric MELSEC-F Series | CISA | MISC | www.cisa.gov | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.