PT-2021-14068 · Mitsubishi · Melsec Iq-R Series C Controller Module R12Ccpu-V

CVE-2021-20600

·

Published

2021-10-08

·

Updated

2023-05-16

CVSS v2.0

7.1

High

VectorAV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V versions 16 and prior
Description: The issue allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module is starting up. A system reset is required for recovery.
Recommendations: For versions 16 and prior, to resolve the issue, update to a version later than 16. As a temporary workaround, consider restricting access to the module during startup to minimize the risk of exploitation.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2021-20600

Affected Products

Melsec Iq-R Series C Controller Module R12Ccpu-V