1. Home
  2. CVE Database
  3. CVE-2021-20586
HIGH · 7.5

CVE-2021-20586

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controll...

Vulnerability Description

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controller "CR800-*HRD" of RH-*FRHR***-D-* all versions, controller "CR800-*V*R with R16RTCPU" of RV-*FR***-R-* all versions, controller "CR800-*HR with R16RTCPU" of RH-*FRH***-R-* all versions, controller "CR800-*HRR with R16RTCPU" of RH-*FRHR***-R-* all versions, controller "CR800-*V*Q with Q172DSRCPU" of RV-*FR***-Q-* all versions, controller "CR800-*HQ with Q172DSRCPU" of RH-*FRH***-Q-* all versions, controller "CR800-*HRQ with Q172DSRCPU" of RH-*FRHR***-Q-* all versions) and a robot controller of MELFA CR Series(controller "CR800-CVD" of RV-8CRL-D-* all versions, controller "CR800-CHD" of RH-*CRH**-D-* all versions) as well as a cooperative robot ASSISTA(controller "CR800-05VD" of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time. As a result of DoS, an error may occur. A reset is required to recover it if the error occurs.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
MitsubishielectricRv2Fr FirmwareAll versions
MitsubishielectricRv2Fr-
MitsubishielectricRv2Frl FirmwareAll versions
MitsubishielectricRv2Frl-
MitsubishielectricRv4Fr FirmwareAll versions
MitsubishielectricRv4Fr-
MitsubishielectricRv4Frl FirmwareAll versions
MitsubishielectricRv4Frl-
MitsubishielectricRv7Fr FirmwareAll versions
MitsubishielectricRv7Fr-
MitsubishielectricRv7Frl FirmwareAll versions
MitsubishielectricRv7Frl-
MitsubishielectricRv7Frll FirmwareAll versions
MitsubishielectricRv7Frll-
MitsubishielectricRv13Fr FirmwareAll versions
MitsubishielectricRv13Fr-
MitsubishielectricRv13Frl FirmwareAll versions
MitsubishielectricRv13Frl-
MitsubishielectricRv20Fr FirmwareAll versions
MitsubishielectricRv20Fr-

References

FAQ

What is CVE-2021-20586?

CVE-2021-20586 is a vulnerability with a CVSS score of 7.5 (HIGH). Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controll...

How severe is CVE-2021-20586?

CVE-2021-20586 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-20586?

Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Rv2Fr Firmware, Mitsubishielectric Rv2Fr, Mitsubishielectric Rv2Frl Firmware, Mitsubishielectric Rv2Frl, Mitsubishielectric Rv4Fr Firmware.