PT-2020-18631 · Mitsubishi · MELSEC iQ-R Series CPU Modules
Published: 2020-11-16 · Updated: 2020-12-03 · CVE-2020-5666
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
MELSEC iQ-R Series CPU Modules R00/01/02CPU versions 05 through 19
MELSEC iQ-R Series CPU Modules R04/08/16/32/120(EN)CPU versions 35 through 51
Description
The issue allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet. This may lead to a denial-of-service (DoS) condition, affecting the execution of the program and its communication.
Recommendations
For MELSEC iQ-R Series CPU Modules R00/01/02CPU versions 05 through 19, update the firmware to a version outside of the affected range.
For MELSEC iQ-R Series CPU Modules R04/08/16/32/120(EN)CPU versions 35 through 51, update the firmware to a version outside of the affected range.
As a temporary workaround, consider restricting access to the HTTP endpoint to minimize the risk of exploitation.
Fix
Resource Exhaustion
Weakness Enumeration
Related Identifiers
Affected Products
MELSEC iQ-R Series CPU Modules