Vulnerability Description
Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitsubishielectric | Melsec Iq-F Fx5U Cpu Firmware | <= 1.060 |
| Mitsubishielectric | Melsec Iq-F Fx5U Cpu | - |
References
- https://jvn.jp/vu/JVNVU95638588/index.htmlThird Party Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01Third Party AdvisoryUS Government Resource
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdfVendor Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdfVendor Advisory
- https://jvn.jp/vu/JVNVU95638588/index.htmlThird Party Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01Third Party AdvisoryUS Government Resource
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdfVendor Advisory
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdfVendor Advisory
FAQ
What is CVE-2020-5665?
CVE-2020-5665 is a vulnerability with a CVSS score of 7.4 (HIGH). Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on progra...
How severe is CVE-2020-5665?
CVE-2020-5665 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5665?
Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Melsec Iq-F Fx5U Cpu Firmware, Mitsubishielectric Melsec Iq-F Fx5U Cpu.