PT-2020-18624 · Mitsubishi · Rj71Eip91+5

Published 2020-10-30 · Updated 2020-11-10 · CVE-2020-5657

CVSS v2.0: 3.3 (Low)

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

MELSEC iQ-R series versions with the following modules:
RJ71EIP91 EtherNet/IP Network Interface Module with serial number starting '02' or before
RJ71PN92 PROFINET IO Controller Module with serial number starting '01' or before
RD81DL96 High Speed Data Logger Module with serial number starting '08' or before
RD81MES96N MES Interface Module with serial number starting '04' or before
RD81OPC96 OPC UA Server Module with serial number starting '04' or before

Description

The issue is related to improper neutralization of argument delimiters in a command, also known as 'Argument Injection', in the TCP/IP function of the firmware. This allows unauthenticated attackers on an adjacent network to stop the network functions of the products by sending a specially crafted packet.

Recommendations

For RJ71EIP91 EtherNet/IP Network Interface Module with serial number starting '02' or before, consider disabling the TCP/IP function until a patch is available.
For RJ71PN92 PROFINET IO Controller Module with serial number starting '01' or before, restrict access to the network functions to minimize the risk of exploitation.
For RD81DL96 High Speed Data Logger Module with serial number starting '08' or before, avoid using the vulnerable TCP/IP function in the High Speed Data Logger Module until the issue is resolved.
For RD81MES96N MES Interface Module with serial number starting '04' or before, consider disabling the MES Interface Module's network functions as a temporary workaround.
For RD81OPC96 OPC UA Server Module with serial number starting '04' or before, restrict access to the OPC UA Server Module to minimize the risk of exploitation.

Fix

Argument Injection

Weakness Enumeration

Related Identifiers

CVE-2020-5657

Affected Products

Melsec Iq-R Series
Rd81Dl96
Rd81Mes96N
Rd81Opc96
Rj71Eip91
Rj71Pn92