{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-06-09T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-10T20:05:33.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf"}, {"tags": ["x_refsource_MISC"], "url": "http://jvn.jp/vu/JVNVU97662844/index.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13238", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf", "refsource": "CONFIRM", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf"}, {"name": "http://jvn.jp/vu/JVNVU97662844/index.html", "refsource": "MISC", "url": "http://jvn.jp/vu/JVNVU97662844/index.html"}, {"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:11:19.452Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://jvn.jp/vu/JVNVU97662844/index.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13238", "datePublished": "2020-06-10T19:53:01.000Z", "dateReserved": "2020-05-20T00:00:00.000Z", "dateUpdated": "2024-08-04T12:11:19.452Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r00cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC033AE6-6DFB-4970-B255-6443EFB7C2B5", "versionEndIncluding": "7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r00cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "2691265A-CC4F-4EF5-A987-FF90DFE40100", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r01cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4199B843-521A-4966-9FE4-085BF906346A", "versionEndIncluding": "7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r01cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6BC3087-D96A-4327-A3A1-AF62DE145CD2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r02cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C906A1BC-469A-410B-ACF8-1F8C8654DB4A", "versionEndIncluding": "7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r02cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "E39BA6C6-B3A1-4193-BE96-AD6E8CA8BB9F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r04cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCB74C39-16C0-474B-8502-972625FA2FA9", "versionEndIncluding": "39", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r04cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3033A7D5-C134-48CC-AF2C-9E1E8ACFB70E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r08cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "383E4CF8-C453-43C5-963E-05E356561571", "versionEndIncluding": "39", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r08cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "57759705-0306-4C43-9EA5-1C0AEA51328D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r16cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "594ACE76-BFF3-446A-818A-80498B478888", "versionEndIncluding": "39", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r16cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "757DF844-CC81-4554-9259-82B8758ACD1E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r32cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37D5D84B-0530-4F21-9083-DD9B9B1FFCF0", "versionEndIncluding": "39", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r32cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E305DE9-4DE4-4677-8348-5F0A4EA658A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r120cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A5C7F03-0972-47E0-BC2F-78C4925DD14C", "versionEndIncluding": "39", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r120cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "D679B7D1-1059-416C-955C-FF0BC33CF3EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r08fcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DFE8590-D364-4572-97E5-31ED1DB73761", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r08fcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C1972B2-CF32-4E68-A98C-E983F3F71115", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r16fcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "58083C24-532C-4645-A442-2C973EB01375", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r16fcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCDE9DBA-8452-4E10-99F9-982C389B9F50", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r32fcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D0179AD-FA81-4060-A698-E33D75D201D8", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r32fcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "02041EFA-E353-4C4B-8AD9-1F0505D91314", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r120fcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A66FB1C2-3C8C-4CB5-85EF-468266E8CE68", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r120fcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3461BD1-3FCB-4F4D-8869-FE59A86A5C3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r08pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "87F503A3-AD82-4EA1-841B-1BAAF445996B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r08pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E7CE305-8DC2-438D-826B-394C7CEEF8FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r16pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D975102B-9953-4241-8546-A14390FA93A3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r16pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "128886F3-1CB2-4615-9725-1E0A22B9CD1C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r32pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9896DEC2-F0B1-44D8-9988-40D0881CCF7A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r32pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "8560DB92-7D50-4D19-8520-0ADBC32259CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r120pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F033516-7956-40B3-AE6F-C0DCDE5AB140", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r120pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3954D5FE-7D68-429D-9882-0C035832AE15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r08sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B350428B-4966-46C0-927D-02AA6DD55D79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r08sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0B4379A-F1D2-4B93-8D0C-EF11A2A8D4F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r16sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D40ED555-E89B-49C9-8885-80B704330B31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r16sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B74D4E6-FCB2-4E6D-ADB5-81D24083F927", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r32sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B10800B7-CD71-4CD8-8ADD-0813B83CAFDB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r32sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1CFCCAD-84CE-44EC-889D-8826095CB7A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-r120sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEC2F6B3-4B2E-470B-846D-094DD419A9B1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-r120sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "9460791F-7EA8-49C2-A45C-094BE209A453", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-rj71en71_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "48201ACA-C420-4869-B04A-FE9AD537C32D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-rj71en71:-:*:*:*:*:*:*:*", "matchCriteriaId": "878A25DD-D056-4ACF-8A1E-382D4C33CE64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production."}, {"lang": "es", "value": "Los PLC Mitsubishi MELSEC iQ-R Series con firmware 33, permiten a atacantes detener el proceso industrial mediante el env\u00edo de un paquete dise\u00f1ado no autenticado a trav\u00e9s de la red, porque este ataque de denegaci\u00f3n de servicio consume un tiempo excesivo de la CPU. Despu\u00e9s de detenerse, se requiere acceso f\u00edsico al PLC para restaurar producci\u00f3n"}], "id": "CVE-2020-13238", "lastModified": "2024-11-21T05:00:51.327", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-10T20:15:14.140", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/vu/JVNVU97662844/index.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/vu/JVNVU97662844/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-001_en.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}