CVE-2020-5527
| Summary |
When the MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives a massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, the port may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
|
| Publication Date |
March 30, 2020, 5:15 p.m. |
| Registration Date |
Jan. 26, 2021, 11:59 a.m. |
| Last Update |
Nov. 21, 2024, 2:34 p.m. |
|
CVSS3.1 : HIGH
|
| Score |
7.5
|
| Vector |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector (AV) |
Network |
| Attack Complexity (AC) |
Low |
| Privileges Required (PR) |
None |
| User Interaction (UI) |
None |
| Scope (S) |
Unchanged |
| Confidentiality Impact (C) |
None |
| Integrity Impact (I) |
None |
| Availability Impact (A) |
High |
|
CVSS2.0 : MEDIUM
|
| Score |
5.0
|
| Vector |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Access Vector (AV) |
Network |
| Access Complexity (AC) |
Low |
| Authentication (Au) |
None |
| Confidentiality Impact (C) |
None |
| Integrity Impact (I) |
None |
| Availability Impact (A) |
Low |
| Get all privileges |
No
|
| Get user privileges |
No
|
| Get other privileges |
No
|
| User operation required |
No
|
Affected software configurations
| Configuration | CPE | or higher | or less | more than | less than | Execution environment |
|---|---|---|---|---|---|---|
| 1 | cpe:2.3:o:mitsubishielectric:cr800-q_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:cr800-q:-:*:*:*:*:*:*:* |
| 2 | cpe:2.3:o:mitsubishielectric:fx3g_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx3g:-:*:*:*:*:*:*:* |
| 3 | cpe:2.3:o:mitsubishielectric:fx3gc_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx3gc:-:*:*:*:*:*:*:* |
| 4 | cpe:2.3:o:mitsubishielectric:fx3s_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx3s:-:*:*:*:*:*:*:* |
| 5 | cpe:2.3:o:mitsubishielectric:fx3u_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx3u:-:*:*:*:*:*:*:* |
| 6 | cpe:2.3:o:mitsubishielectric:fx3uc_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx3uc:-:*:*:*:*:*:*:* |
| 7 | cpe:2.3:o:mitsubishielectric:fx5u_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx5u:-:*:*:*:*:*:*:* |
| 8 | cpe:2.3:o:mitsubishielectric:fx5uc_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx5uc:-:*:*:*:*:*:*:* |
| 9 | cpe:2.3:o:mitsubishielectric:fx5uj_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:fx5uj:-:*:*:*:*:*:*:* |
| 10 | cpe:2.3:o:mitsubishielectric:l02cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l02cpu:-:*:*:*:*:*:*:* |
| 11 | cpe:2.3:o:mitsubishielectric:l02cpu-p_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:* |
| 12 | cpe:2.3:o:mitsubishielectric:l02scpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l02scpu:-:*:*:*:*:*:*:* |
| 13 | cpe:2.3:o:mitsubishielectric:l02scpu-p_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l02scpu-p:-:*:*:*:*:*:*:* |
| 14 | cpe:2.3:o:mitsubishielectric:l06cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l06cpu:-:*:*:*:*:*:*:* |
| 15 | cpe:2.3:o:mitsubishielectric:l06cpu-p_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l06cpu-p:-:*:*:*:*:*:*:* |
| 16 | cpe:2.3:o:mitsubishielectric:l26cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l26cpu:-:*:*:*:*:*:*:* |
| 17 | cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:* |
| 18 | cpe:2.3:o:mitsubishielectric:l26cpu-p_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l26cpu-p:-:*:*:*:*:*:*:* |
| 19 | cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:* |
| 20 | cpe:2.3:o:mitsubishielectric:q02phcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q02phcpu:-:*:*:*:*:*:*:* |
| 21 | cpe:2.3:o:mitsubishielectric:q06phcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q06phcpu:-:*:*:*:*:*:*:* |
| 22 | cpe:2.3:o:mitsubishielectric:q12dccpu-v_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q12dccpu-v:-:*:*:*:*:*:*:* |
| 23 | cpe:2.3:o:mitsubishielectric:q12phcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q12phcpu:-:*:*:*:*:*:*:* |
| 24 | cpe:2.3:o:mitsubishielectric:q12prhcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q12prhcpu:-:*:*:*:*:*:*:* |
| 25 | cpe:2.3:o:mitsubishielectric:q172dscpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q172dscpu:-:*:*:*:*:*:*:* |
| 26 | cpe:2.3:o:mitsubishielectric:q173dscpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q173dscpu:-:*:*:*:*:*:*:* |
| 27 | cpe:2.3:o:mitsubishielectric:q173nccpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q173nccpu:-:*:*:*:*:*:*:* |
| 28 | cpe:2.3:o:mitsubishielectric:q24dhccpu-ls_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q24dhccpu-ls:-:*:*:*:*:*:*:* |
| 29 | cpe:2.3:o:mitsubishielectric:q24dhccpu-v_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q24dhccpu-v:-:*:*:*:*:*:*:* |
| 30 | cpe:2.3:o:mitsubishielectric:q24dhccpu-vg2_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q24dhccpu-vg2:-:*:*:*:*:*:*:* |
| 31 | cpe:2.3:o:mitsubishielectric:q25phcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q25phcpu:-:*:*:*:*:*:*:* |
| 32 | cpe:2.3:o:mitsubishielectric:q25prhcpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q25prhcpu:-:*:*:*:*:*:*:* |
| 33 | cpe:2.3:o:mitsubishielectric:q26dhccpu-ls_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:q26dhccpu-ls:-:*:*:*:*:*:*:* |
| 34 | cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r00cpu:-:*:*:*:*:*:*:* |
| 35 | cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r01cpu:-:*:*:*:*:*:*:* |
| 36 | cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r02cpu:-:*:*:*:*:*:*:* |
| 37 | cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r04cpu:-:*:*:*:*:*:*:* |
| 38 | cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:* |
| 39 | cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r08cpu:-:*:*:*:*:*:*:* |
| 40 | cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:* |
| 41 | cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r120cpu:-:*:*:*:*:*:*:* |
| 42 | cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:* |
| 43 | cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r16cpu:-:*:*:*:*:*:*:* |
| 44 | cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:* |
| 45 | cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r32cpu:-:*:*:*:*:*:*:* |
| 46 | cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:* | | | | | cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:* |
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
Resource exhaustion vulnerability in the MELSOFT transmission port of Mitsubishi Electric MELSEC series
| Title |
Resource exhaustion vulnerability in the MELSOFT transmission port of Mitsubishi Electric MELSEC series
|
| Summary |
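The MELSOFT transmission port (UDP/IP) of the MELSEC iQ-R, iQ-F, Q, L, and F series provided by Mitsubishi Electric Corporation contains a resource exhaustion vulnerability (CWE-400). When a large amount of data is sent to the MELSOFT transmission port, resources are exhausted, the port stops processing data, and a denial-of-service (DoS) condition may result. The developer reported this vulnerability information to JPCERT/CC in order to notify product users, and JPCERT/CC coordinated with the developer.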
|
| Possible impacts |
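If the MELSOFT transmission port becomes unable to process data, legitimate clients can no longer connect to the MELSOFT transmission port. In addition, devices communicating on other communication ports will have difficulty connecting. According to the developer, this vulnerability does not affect any functions other than Ethernet communication. |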
| Solution |
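[Apply a workaround] According to the developer, this vulnerability does not affect sequence control, and communication returns to normal once the denial-of-service (DoS) condition ends, so no update or patch will be provided. However, the impact of this vulnerability can be reduced by applying one or a combination of the following workarounds.
* Install a firewall to restrict access from external devices over the network
* Use the IP filter function to restrict the IP addresses that can connect
For details, refer to the information provided by the developer. |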
| Publication Date |
March 30, 2020, midnight |
| Registration Date |
March 31, 2020, 12:14 p.m. |
| Last Update |
April 1, 2020, 2:44 p.m. |
Affected System
| Mitsubishi Electric |
|
MELSEC F series
|
|
MELSEC iQ-F series
|
|
MELSEC iQ-R series
|
|
MELSEC L series
|
|
MELSEC Q series
|
CVE (Common Vulnerabilities and Exposures identifier)
Vendor information
Other
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[March 31, 2020] Published |
March 31, 2020, 12:14 p.m. |
| 2 |
[April 1, 2020] Added reference: ICS-CERT ADVISORY (ICSA-20-091-02)
|
April 1, 2020, 2:28 p.m. |