CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2020-16850
https://notcve.org/view.php?id=CVE-2020-16850
30 Nov 2020 — Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2. Los PLC de la serie Mitsubishi MELSEC iQ-R con firmware 49 permiten a un atacante no autenticado detene... • https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0CVE-2020-5652
https://notcve.org/view.php?id=CVE-2020-5652
30 Oct 2020 — Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' an... • https://jvn.jp/vu/JVNVU96558207/index.html • CWE-400: Uncontrolled Resource Consumption •