{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r00cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "97A4E159-7ECF-4812-95E1-3C8A61B41C3F", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r00cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0A23F21-9C5F-4CB3-BA20-4195B2165D26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r01cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EA80A6F-79B8-4C58-9D0D-F7D423B16B04", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r01cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "CADF6528-4B25-4779-A06F-2C4DF91DAE90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r02cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B8BF074-220A-46BF-8B4E-7B30637FC997", "versionEndIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r02cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D753C47-ED9C-453F-AC1F-C50476BE61C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r04cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C0D8F6B-F137-4A05-8F78-55119F12B3A0", "versionEndIncluding": "52", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r04cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDEEF15E-FE32-4610-9E14-891069573E4D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r08cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "83D2C9C7-B838-4EE1-87D9-BBD9FA3C5D30", "versionEndIncluding": "52", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r08cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DAA2202-88D5-4329-BF51-0F18C350C45C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r16cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE02A6F0-DB39-441C-B6A0-86611A7BAA80", "versionEndIncluding": "52", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r16cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "30016EA0-FB24-4382-8960-6A75D32C9BD7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r32cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8DEE4EE-73F6-437A-B00F-AAC76EA4266E", "versionEndIncluding": "52", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r32cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAF6EB84-7D97-4606-A90F-9D443CBC4755", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r120cpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50A130EB-63CF-4766-AFA6-66BC90118153", "versionEndIncluding": "52", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r120cpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EF7D08E-D3D1-48D4-9440-B94B7A2BD662", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r08sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E49CF5A5-8F0E-4E41-9B6F-15641CD32E29", "versionEndIncluding": "22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r08sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "B185323A-C9E3-48A0-AD28-DA7AC7846E18", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r16sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "844B3E94-7F24-4523-AE29-55D5C55D4A99", "versionEndIncluding": "22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r16sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4BBE066-33C4-4410-85D3-4B77B3773330", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r32sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "15096442-7E6B-4846-9A8F-01023A54DFA0", "versionEndIncluding": "22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r32sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F6304BE-DAEE-49AB-B0B1-CEE6878CBECE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r120sfcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DE2946C-E8C0-4253-B84C-16A81767343E", "versionEndIncluding": "22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r120sfcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "515BDC46-5A1C-4A94-816A-B4751BB1B58D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r08pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "63442274-452B-4361-A2AD-2ACBD699B150", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r08pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3845683A-A4D2-422F-9736-D0D7A430555F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r16pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE0EA636-84E9-4DAA-BE39-DBA9D7B857F4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r16pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA04F2DD-4D51-4D4F-B3C7-D5EFACAD6EFB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r32pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "275C5686-5333-440F-8C85-8C2FB91FC2DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r32pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EA2A77C-86CE-48E1-87A4-A69895102D49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r120pcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EC951AC-3538-4711-A034-6C1A94AD797F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r120pcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0FE9EA6-6BCE-40F7-8AE8-173F7CDF3EF6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r16mtcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6627431-2E42-4D76-A6D7-D75756BC63AC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r16mtcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "921A907D-DD83-44C7-BEFA-A1A38679FFB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r32mtcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9E24CF-45D3-4162-BE69-92FE571C0189", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r32mtcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD83C6E4-56E8-4854-8711-B280D7626021", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:r64mtcpu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9BEF3452-1DDC-4D43-BD82-AB877451F57D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:r64mtcpu:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E1F2092-ABFD-4510-84C3-C0945512C15B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2."}, {"lang": "es", "value": "Los PLC de la serie Mitsubishi MELSEC iQ-R con firmware 49 permiten a un atacante no autenticado detener el proceso industrial enviando un paquete dise\u00f1ado a trav\u00e9s de la red. Este ataque de denegaci\u00f3n de servicio expone una Validaci\u00f3n de Entrada Inapropiada. Despu\u00e9s de detenerse, el acceso f\u00edsico al PLC es requerido para restaurar la producci\u00f3n y se pierde el estado del dispositivo. Esto est\u00e1 relacionado con R04CPU, RJ71GF11-T2, R04CPU y RJ71GF11-T2"}], "id": "CVE-2020-16850", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-30T22:15:10.840", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}