CVE-2019-13555

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU versions with serial number 21081 and prior Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU versions with serial number 21081 and prior Mitsubishi Electric MELSEC-Q Series Q03UDECPU versions with serial number 21081 and prior Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU versions with serial number 21081 and prior Mitsubishi Electric MELSEC-L Series L02/06/26CPU versions with serial number 21101 and prior Mitsubishi Electric MELSEC-L Series L26CPU-BT versions with serial number 21101 and prior Mitsubishi Electric MELSEC-L Series L02/06/26CPU-P versions with serial number 21101 and prior Mitsubishi Electric MELSEC-L Series L26CPU-PBT versions with serial number 21101 and prior Mitsubishi Electric MELSEC-L Series L02/06/26CPU-CM versions with serial number 21101 and prior Mitsubishi Electric MELSEC-L Series L26CPU-BT-CM versions with serial number 21101 and prior

Description A remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules.

Recommendations For Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU with serial number 21081 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU with serial number 21081 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-Q Series Q03UDECPU with serial number 21081 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU with serial number 21081 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L02/06/26CPU with serial number 21101 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L26CPU-BT with serial number 21101 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L02/06/26CPU-P with serial number 21101 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L26CPU-PBT with serial number 21101 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L02/06/26CPU-CM with serial number 21101 and prior, consider disabling the FTP service until a patch is available. For Mitsubishi Electric MELSEC-L Series L26CPU-BT-CM with serial number 21101 and prior, consider disabling the FTP service until a patch is available.