CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 0CVE-2021-20599
https://notcve.org/view.php?id=CVE-2021-20599
14 Oct 2021 — Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password. La vulnerabilidad de transmisión de texto claro de información sensible en las versiones de firmware "26" ... • https://jvn.jp/vu/JVNVU98578731 • CWE-319: Cleartext Transmission of Sensitive Information CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.3EPSS: 1%CPEs: 16EXPL: 0CVE-2021-20598
https://notcve.org/view.php?id=CVE-2021-20598
06 Aug 2021 — Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password. Una vulnerabilidad del Mecanismo de Bloqueo de Cuentas Demasiado Restrictivo en los módulos de CPU de la serie MELSEC iQ-R de Mitsubishi Electric (R08/16/32/120SFCPU todas las versiones, R08/16/32/120PSFCPU ... • https://jvn.jp/vu/JVNVU98578731/index.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2021-20594
https://notcve.org/view.php?id=CVE-2021-20594
06 Aug 2021 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via brute-force attack on user names. La exposición de información sensible a un actor no autorizado es un... • https://jvn.jp/vu/JVNVU98578731/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 1%CPEs: 16EXPL: 0CVE-2021-20597
https://notcve.org/view.php?id=CVE-2021-20597
06 Aug 2021 — Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to the target unauthorizedly by sniffing network traffic and obtaining credentials when registering user information in the target or changing a password. La vulnerabilidad de c... • https://jvn.jp/vu/JVNVU98578731/index.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2021-20591
https://notcve.org/view.php?id=CVE-2021-20591
11 Jun 2021 — Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition. Una vulnerabilidad de C... • https://jvn.jp/vu/JVNVU98060539/index.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 2%CPEs: 56EXPL: 0CVE-2020-5668
https://notcve.org/view.php?id=CVE-2020-5668
20 Nov 2020 — Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware ver... • https://jvn.jp/vu/JVNVU95980140/index.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0CVE-2020-5652
https://notcve.org/view.php?id=CVE-2020-5652
30 Oct 2020 — Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' an... • https://jvn.jp/vu/JVNVU96558207/index.html • CWE-400: Uncontrolled Resource Consumption •