CVE-2021-20610

Name of the Vulnerable Software and Affected Versions MELSEC iQ-R Series R00/01/02CPU versions 24 and prior MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 57 and prior MELSEC iQ-R Series R08/16/32/120SFCPU versions 28 and prior MELSEC iQ-R Series R08/16/32/120PCPU versions 29 and prior MELSEC iQ-R Series R08/16/32/120PSFCPU versions 08 and prior MELSEC iQ-R Series R16/32/64MTCPU operating system software version 23 and prior MELSEC iQ-R Series R12CCPU-V versions 16 and prior MELSEC Q Series Q03UDECPU with the first 5 digits of serial No. 23121 and prior MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU with the first 5 digits of serial No. 23121 and prior MELSEC Q Series Q03/04/06/13/26UDVCPU with the first 5 digits of serial No. 23071 and prior MELSEC Q Series Q04/06/13/26UDPVCPU with the first 5 digits of serial No. 23071 and prior MELSEC Q Series Q12DCCPU-V with the first 5 digits of serial No. 24031 and prior MELSEC Q Series Q24DHCCPU-V(G) with the first 5 digits of serial No. 24031 and prior MELSEC Q Series Q24/26DHCCPU-LS with the first 5 digits of serial No. 24031 and prior MELSEC Q Series MR-MQ100 operating system software version F and prior MELSEC Q Series Q172/173DCPU-S1 operating system software version W and prior MELSEC Q Series Q172/173DSCPU all versions MELSEC Q Series Q170MCPU operating system software version W and prior MELSEC Q Series Q170MSCPU(-S1) all versions MELSEC L Series L02/06/26CPU(-P) with the first 5 digits of serial No. 23121 and prior MELSEC L Series L26CPU-(P)BT with the first 5 digits of serial No. 23121 and prior MELIPC Series MI5122-VW versions 05 and prior

Description The issue is related to improper handling of length parameter inconsistency, allowing a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Recommendations MELSEC iQ-R Series R00/01/02CPU versions 24 and prior: Update to a version later than 24. MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 57 and prior: Update to a version later than 57. MELSEC iQ-R Series R08/16/32/120SFCPU versions 28 and prior: Update to a version later than 28. MELSEC iQ-R Series R08/16/32/120PCPU versions 29 and prior: Update to a version later than 29. MELSEC iQ-R Series R08/16/32/120PSFCPU versions 08 and prior: Update to a version later than 08. MELSEC iQ-R Series R16/32/64MTCPU operating system software version 23 and prior: Update to an operating system software version later than 23. MELSEC iQ-R Series R12CCPU-V versions 16 and prior: Update to a version later than 16. MELSEC Q Series Q03UDECPU with the first 5 digits of serial No. 23121 and prior: Update to a device with the first 5 digits of serial No. later than 23121. MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU with the first 5 digits of serial No. 23121 and prior: Update to a device with the first 5 digits of serial No. later than 23121. MELSEC Q Series Q03/04/06/13/26UDVCPU with the first 5 digits of serial No. 23071 and prior: Update to a device with the first 5 digits of serial No. later than 23071. MELSEC Q Series Q04/06/13/26UDPVCPU with the first 5 digits of serial No. 23071 and prior: Update to a device with the first 5 digits of serial No. later than 23071. MELSEC Q Series Q12DCCPU-V with the first 5 digits of serial No. 24031 and prior: Update to a device with the first 5 digits of serial No. later than 24031. MELSEC Q Series Q24DHCCPU-V(G) with the first 5 digits of serial No. 24031 and prior: Update to a device with the first 5 digits of serial No. later than 24031. MELSEC Q Series Q24/26DHCCPU-LS with the first 5 digits of serial No. 24031 and prior: Update to a device with the first 5 digits of serial No. later than 24031. MELSEC Q Series MR-MQ100 operating system software version F and prior: Update to an operating system software version later than F. MELSEC Q Series Q172/173DCPU-S1 operating system software version W and prior: Update to an operating system software version later than W. MELSEC Q Series Q172/173DSCPU all versions: Apply a patch or update to fix the issue. MELSEC Q Series Q170MCPU operating system software version W and prior: Update to an operating system software version later than W. MELSEC Q Series Q170MSCPU(-S1) all versions: Apply a patch or update to fix the issue. MELSEC L Series L02/06/26CPU(-P) with the first 5 digits of serial No. 23121 and prior: Update to a device with the first 5 digits of serial No. later than 23121. MELSEC L Series L26CPU-(P)BT with the first 5 digits of serial No. 23121 and prior: Update to a device with the first 5 digits of serial No. later than 23121. MELIPC Series MI5122-VW versions 05 and prior: Update to a version later than 05.