Detections
Analytics

Mitsubishi Electric MELSEC iQ-R Series Uncontrolled Resource Consumption (CVE-2020-5668)

high Tenable OT Security Plugin ID 500549

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial- of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Mitsubishi Electric has issued the following iQ-R Series firmware versions to address this issue:

- R00/01/02CPU: firmware Versions 20 or later
- R04/08/16/32/120 (EN) CPU: firmware Versions 52 or later
- R08/16/32/120SFCPU: firmware Versions 23 or later
- R08/16/32/120PCPU: firmware Versions 26 or later
- R08/16/32/120PSFCPU: firmware Versions 07 or later
- RJ71EN71: firmware Versions 48 or later
- RJ71GF11-T2: firmware Versions 48 or later
- RJ72GF15-T2: firmware Versions 08 or later
- RJ71GP21-SX: firmware Versions 48 or later
- RJ71GP21S-SX: firmware Versions 48 or later
- RJ71GN11-T2: firmware Versions 12 or later

For more information about this vulnerability and the associated mitigations, please see the vulnerability information on the Mitsubishi website.

Mitsubishi Electric also recommends the following practices to minimize the risk of exploiting this vulnerability:

- Use a firewall or virtual private network (VPN), etc., to prevent unauthorized access when Internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.

See Also

http://www.nessus.org/u?fba3a9e6

http://www.nessus.org/u?7beb54c5

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05

https://jvn.jp/vu/JVNVU95980140/index.html

Plugin Details

Severity: High

ID: 500549

Version: 1.9

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2020-5668

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mitsubishielectric:r00cpu_firmware, cpe:/o:mitsubishielectric:r01cpu_firmware, cpe:/o:mitsubishielectric:r02cpu_firmware, cpe:/o:mitsubishielectric:r04cpu_firmware, cpe:/o:mitsubishielectric:r08cpu_firmware, cpe:/o:mitsubishielectric:r16cpu_firmware, cpe:/o:mitsubishielectric:r32cpu_firmware, cpe:/o:mitsubishielectric:r120cpu_firmware, cpe:/o:mitsubishielectric:r08sfcpu_firmware, cpe:/o:mitsubishielectric:r16sfcpu_firmware, cpe:/o:mitsubishielectric:r32sfcpu_firmware, cpe:/o:mitsubishielectric:r120sfcpu_firmware, cpe:/o:mitsubishielectric:r08pcpu_firmware, cpe:/o:mitsubishielectric:r16pcpu_firmware, cpe:/o:mitsubishielectric:r32pcpu_firmware, cpe:/o:mitsubishielectric:r120pcpu_firmware, cpe:/o:mitsubishielectric:r08psfcpu_firmware, cpe:/o:mitsubishielectric:r16psfcpu_firmware, cpe:/o:mitsubishielectric:r32psfcpu_firmware, cpe:/o:mitsubishielectric:r120psfcpu_firmware, cpe:/o:mitsubishielectric:rj71en71_firmware, cpe:/o:mitsubishielectric:rj71gf11-t2_firmware, cpe:/o:mitsubishielectric:rj72gf15-t2_firmware, cpe:/o:mitsubishielectric:rj71gp21-sx_firmware, cpe:/o:mitsubishielectric:rj71gp21s-sx_firmware, cpe:/o:mitsubishielectric:rj71c24-r2_firmware, cpe:/o:mitsubishielectric:rj71c24-r4_firmware, cpe:/o:mitsubishielectric:rj71gn11-t2_firmware

Required KB Items: Tenable.ot/Mitsubishi

Exploit Ease: No known exploits are available

Patch Publication Date: 11/20/2020

Vulnerability Publication Date: 11/20/2020

Reference Information

CVE: CVE-2020-5668

CWE: 400