CVE-2020-13238
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production.
Los PLC Mitsubishi MELSEC iQ-R Series con firmware 33, permiten a atacantes detener el proceso industrial mediante el envío de un paquete diseñado no autenticado a través de la red, porque este ataque de denegación de servicio consume un tiempo excesivo de la CPU. Después de detenerse, se requiere acceso físico al PLC para restaurar producción
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-05-20 CVE Reserved
- 2020-06-10 CVE Published
- 2024-03-30 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://jvn.jp/vu/JVNVU97662844/index.html | Third Party Advisory | |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-02 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf | 2020-06-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r00cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r00cpu Firmware" | <= 7 Search vendor "Mitsubishielectric" for product "Melsec Iq-r00cpu Firmware" and version " <= 7" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r00cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r00cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r01cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r01cpu Firmware" | <= 7 Search vendor "Mitsubishielectric" for product "Melsec Iq-r01cpu Firmware" and version " <= 7" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r01cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r01cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r02cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r02cpu Firmware" | <= 7 Search vendor "Mitsubishielectric" for product "Melsec Iq-r02cpu Firmware" and version " <= 7" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r02cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r02cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r04cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r04cpu Firmware" | <= 39 Search vendor "Mitsubishielectric" for product "Melsec Iq-r04cpu Firmware" and version " <= 39" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r04cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r04cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r08cpu Firmware" | <= 39 Search vendor "Mitsubishielectric" for product "Melsec Iq-r08cpu Firmware" and version " <= 39" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r08cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r16cpu Firmware" | <= 39 Search vendor "Mitsubishielectric" for product "Melsec Iq-r16cpu Firmware" and version " <= 39" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r16cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r32cpu Firmware" | <= 39 Search vendor "Mitsubishielectric" for product "Melsec Iq-r32cpu Firmware" and version " <= 39" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r32cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120cpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r120cpu Firmware" | <= 39 Search vendor "Mitsubishielectric" for product "Melsec Iq-r120cpu Firmware" and version " <= 39" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120cpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r120cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08fcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r08fcpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "Melsec Iq-r08fcpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08fcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r08fcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16fcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r16fcpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "Melsec Iq-r16fcpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16fcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r16fcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32fcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r32fcpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "Melsec Iq-r32fcpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32fcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r32fcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120fcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r120fcpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "Melsec Iq-r120fcpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120fcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r120fcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08pcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r08pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08pcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r08pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16pcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r16pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16pcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r16pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32pcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r32pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32pcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r32pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120pcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r120pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120pcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r120pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08sfcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r08sfcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r08sfcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r08sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16sfcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r16sfcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r16sfcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r16sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32sfcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r32sfcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r32sfcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r32sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120sfcpu Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-r120sfcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-r120sfcpu Search vendor "Mitsubishielectric" for product "Melsec Iq-r120sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-rj71en71 Firmware Search vendor "Mitsubishielectric" for product "Melsec Iq-rj71en71 Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | Melsec Iq-rj71en71 Search vendor "Mitsubishielectric" for product "Melsec Iq-rj71en71" | - | - |
Safe
|