CVE-2020-12739 — MEDIUM (5.3)

Vulnerability Description

A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Fanuc	Series 30I Firmware	-
Fanuc	Series 30I	-
Fanuc	Series 31I Firmware	-
Fanuc	Series 31I	-
Fanuc	Series 32I-B Plus Firmware	-
Fanuc	Series 32I-B Plus	-
Fanuc	Series 35I-B Firmware	-
Fanuc	Series 35I-B	-
Fanuc	Power Motion I-Model A Firmware	-
Fanuc	Power Motion I-Model A	-
Fanuc	Series 0I-Model F Plus Firmware	-
Fanuc	Series 0I-Model F Plus	-
Fanuc	Series 0I-Model F Firmware	-
Fanuc	Series 0I-Model F	-
Fanuc	Series 32I-Model A Firmware	-
Fanuc	Series 32I-Model A	-
Fanuc	Series 0I-Model D Firmware	-
Fanuc	Series 0I-Model D	-
Fanuc	Series 0I-Mate D Firmware	-
Fanuc	Series 0I-Mate D	-

Related Weaknesses (CWE)

CWE-400

References

http://jvn.jp/en/jp/JVN84959128/index.htmlThird Party Advisory
https://jvn.jp/en/jp/JVN84959128/index.htmlThird Party Advisory
https://jvn.jp/jp/JVN84959128/index.htmlThird Party Advisory
https://www.fanuc.co.jp/eindex.htmlVendor Advisory
http://jvn.jp/en/jp/JVN84959128/index.htmlThird Party Advisory
https://jvn.jp/en/jp/JVN84959128/index.htmlThird Party Advisory
https://jvn.jp/jp/JVN84959128/index.htmlThird Party Advisory
https://www.fanuc.co.jp/eindex.htmlVendor Advisory

FAQ

What is CVE-2020-12739?

CVE-2020-12739 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices.

How severe is CVE-2020-12739?

CVE-2020-12739 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-12739?

Check the references section above for vendor advisories and patch information. Affected products include: Fanuc Series 30I Firmware, Fanuc Series 30I, Fanuc Series 31I Firmware, Fanuc Series 31I, Fanuc Series 32I-B Plus Firmware.