CVE-2020-16850
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.
Los PLC de la serie Mitsubishi MELSEC iQ-R con firmware 49 permiten a un atacante no autenticado detener el proceso industrial enviando un paquete diseñado a través de la red. Este ataque de denegación de servicio expone una Validación de Entrada Inapropiada. Después de detenerse, el acceso físico al PLC es requerido para restaurar la producción y se pierde el estado del dispositivo. Esto está relacionado con R04CPU, RJ71GF11-T2, R04CPU y RJ71GF11-T2
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-08-04 CVE Reserved
- 2020-11-30 CVE Published
- 2024-04-19 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series | Third Party Advisory | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mitsubishielectric Search vendor "Mitsubishielectric" | R00cpu Firmware Search vendor "Mitsubishielectric" for product "R00cpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "R00cpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R00cpu Search vendor "Mitsubishielectric" for product "R00cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R01cpu Firmware Search vendor "Mitsubishielectric" for product "R01cpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "R01cpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R01cpu Search vendor "Mitsubishielectric" for product "R01cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R02cpu Firmware Search vendor "Mitsubishielectric" for product "R02cpu Firmware" | <= 20 Search vendor "Mitsubishielectric" for product "R02cpu Firmware" and version " <= 20" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R02cpu Search vendor "Mitsubishielectric" for product "R02cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R04cpu Firmware Search vendor "Mitsubishielectric" for product "R04cpu Firmware" | <= 52 Search vendor "Mitsubishielectric" for product "R04cpu Firmware" and version " <= 52" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R04cpu Search vendor "Mitsubishielectric" for product "R04cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R08cpu Firmware Search vendor "Mitsubishielectric" for product "R08cpu Firmware" | <= 52 Search vendor "Mitsubishielectric" for product "R08cpu Firmware" and version " <= 52" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R08cpu Search vendor "Mitsubishielectric" for product "R08cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R16cpu Firmware Search vendor "Mitsubishielectric" for product "R16cpu Firmware" | <= 52 Search vendor "Mitsubishielectric" for product "R16cpu Firmware" and version " <= 52" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R16cpu Search vendor "Mitsubishielectric" for product "R16cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R32cpu Firmware Search vendor "Mitsubishielectric" for product "R32cpu Firmware" | <= 52 Search vendor "Mitsubishielectric" for product "R32cpu Firmware" and version " <= 52" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R32cpu Search vendor "Mitsubishielectric" for product "R32cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R120cpu Firmware Search vendor "Mitsubishielectric" for product "R120cpu Firmware" | <= 52 Search vendor "Mitsubishielectric" for product "R120cpu Firmware" and version " <= 52" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R120cpu Search vendor "Mitsubishielectric" for product "R120cpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R08sfcpu Firmware Search vendor "Mitsubishielectric" for product "R08sfcpu Firmware" | <= 22 Search vendor "Mitsubishielectric" for product "R08sfcpu Firmware" and version " <= 22" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R08sfcpu Search vendor "Mitsubishielectric" for product "R08sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R16sfcpu Firmware Search vendor "Mitsubishielectric" for product "R16sfcpu Firmware" | <= 22 Search vendor "Mitsubishielectric" for product "R16sfcpu Firmware" and version " <= 22" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R16sfcpu Search vendor "Mitsubishielectric" for product "R16sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R32sfcpu Firmware Search vendor "Mitsubishielectric" for product "R32sfcpu Firmware" | <= 22 Search vendor "Mitsubishielectric" for product "R32sfcpu Firmware" and version " <= 22" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R32sfcpu Search vendor "Mitsubishielectric" for product "R32sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R120sfcpu Firmware Search vendor "Mitsubishielectric" for product "R120sfcpu Firmware" | <= 22 Search vendor "Mitsubishielectric" for product "R120sfcpu Firmware" and version " <= 22" | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R120sfcpu Search vendor "Mitsubishielectric" for product "R120sfcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R08pcpu Firmware Search vendor "Mitsubishielectric" for product "R08pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R08pcpu Search vendor "Mitsubishielectric" for product "R08pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R16pcpu Firmware Search vendor "Mitsubishielectric" for product "R16pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R16pcpu Search vendor "Mitsubishielectric" for product "R16pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R32pcpu Firmware Search vendor "Mitsubishielectric" for product "R32pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R32pcpu Search vendor "Mitsubishielectric" for product "R32pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R120pcpu Firmware Search vendor "Mitsubishielectric" for product "R120pcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R120pcpu Search vendor "Mitsubishielectric" for product "R120pcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R16mtcpu Firmware Search vendor "Mitsubishielectric" for product "R16mtcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R16mtcpu Search vendor "Mitsubishielectric" for product "R16mtcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R32mtcpu Firmware Search vendor "Mitsubishielectric" for product "R32mtcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R32mtcpu Search vendor "Mitsubishielectric" for product "R32mtcpu" | - | - |
Safe
|
| Mitsubishielectric Search vendor "Mitsubishielectric" | R64mtcpu Firmware Search vendor "Mitsubishielectric" for product "R64mtcpu Firmware" | * | - |
Affected
| in | Mitsubishielectric Search vendor "Mitsubishielectric" | R64mtcpu Search vendor "Mitsubishielectric" for product "R64mtcpu" | - | - |
Safe
|