← volver
CVE-2019-6535

Mitsubishi Electric MELSEC-Q Series PLCs Resource Exhaustion

CVSS 7.5 HIGHEPSS 4.3%CWE-400
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Mitsubishi Electric · Q03/04/06/13/26UDVCPUMitsubishi Electric · Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPUMitsubishi Electric · Q04/06/13/26UDPVCPU

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://ics-cert.us-cert.gov/advisories/ICSA-19-029-02https://www.cisa.gov/news-events/ics-advisories/icsa-19-029-02http://www.securityfocus.com/bid/106771