Vulnerability Description
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3 and/or GX Works2 via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitsubishielectric | Melsec Iq-R Firmware | All versions |
| Mitsubishielectric | Melsec Iq-R | - |
| Mitsubishielectric | Melsec Iq-F Firmware | All versions |
| Mitsubishielectric | Melsec Iq-F | - |
| Mitsubishielectric | Melsec-Q Firmware | All versions |
| Mitsubishielectric | Melsec-Q | - |
| Mitsubishielectric | Melsec-L Firmware | All versions |
| Mitsubishielectric | Melsec-L | - |
| Mitsubishielectric | Melsec-Fx Firmware | All versions |
| Mitsubishielectric | Melsec-Fx | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU91424496/index.htmlThird Party Advisory
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-003.pdfVendor Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-003_en.pdfVendor Advisory
- https://jvn.jp/en/vu/JVNVU91424496/index.htmlThird Party Advisory
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-003.pdfVendor Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-003_en.pdfVendor Advisory
FAQ
What is CVE-2020-5594?
CVE-2020-5594 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works...
How severe is CVE-2020-5594?
CVE-2020-5594 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-5594?
Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Melsec Iq-R Firmware, Mitsubishielectric Melsec Iq-R, Mitsubishielectric Melsec Iq-F Firmware, Mitsubishielectric Melsec Iq-F, Mitsubishielectric Melsec-Q Firmware.