CVE-2021-20610
CVE-2021-20610
En resumen
Un defecto en controladores lógicos programables (PLCs) de Mitsubishi Electric permite que un atacante envíe paquetes maliciosos que bloqueen el sistema, requiriendo reinicio manual. Afecta equipos de control industrial usados en fábricas e infraestructuras.
Detalle técnico
La vulnerabilidad surge del manejo inadecuado de parámetros de longitud en el procesamiento de paquetes de red en varios modelos de PLCs MELSEC y MELIPC. Un atacante remoto no autenticado puede explotarla enviando paquetes especialmente diseñados para causar denegación de servicio; la recuperación requiere reinicio del sistema.
Resumen generado y traducido por IA a partir de la descripción oficial.
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Mitsubishi Electric Corporation · MELIPC Series MI5122-VWMitsubishi Electric Corporation · MELSEC iQ-R Series R00CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R01CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R02CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R04CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R04ENCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R08CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R08ENCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R08PCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R08PSFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R08SFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R120CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R120ENCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R120PCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R120PSFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R120SFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R12CCPU-VMitsubishi Electric Corporation · MELSEC iQ-R Series R16CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R16ENCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R16MTCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R16PCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R16PSFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R16SFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32CPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32ENCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32MTCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32PCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32PSFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R32SFCPUMitsubishi Electric Corporation · MELSEC iQ-R Series R64MTCPUMitsubishi Electric Corporation · MELSEC L Series L02CPUMitsubishi Electric Corporation · MELSEC L Series L02CPU-PMitsubishi Electric Corporation · MELSEC L Series L06CPUMitsubishi Electric Corporation · MELSEC L Series L06CPU-PMitsubishi Electric Corporation · MELSEC L Series L26CPUMitsubishi Electric Corporation · MELSEC L Series L26CPU-BTMitsubishi Electric Corporation · MELSEC L Series L26CPU-PMitsubishi Electric Corporation · MELSEC L Series L26CPU-PBTMitsubishi Electric Corporation · MELSEC Q Series MR-MQ100Mitsubishi Electric Corporation · MELSEC Q Series Q03UDECPUMitsubishi Electric Corporation · MELSEC Q Series Q03UDVCPUMitsubishi Electric Corporation · MELSEC Q Series Q04UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q04UDPVCPUMitsubishi Electric Corporation · MELSEC Q Series Q04UDVCPUMitsubishi Electric Corporation · MELSEC Q Series Q06UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q06UDPVCPUMitsubishi Electric Corporation · MELSEC Q Series Q06UDVCPUMitsubishi Electric Corporation · MELSEC Q Series Q100UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q10UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q12DCCPU-VMitsubishi Electric Corporation · MELSEC Q Series Q13UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q13UDPVCPUMitsubishi Electric Corporation · MELSEC Q Series Q13UDVCPUMitsubishi Electric Corporation · MELSEC Q Series Q170MCPUMitsubishi Electric Corporation · MELSEC Q Series Q170MSCPUMitsubishi Electric Corporation · MELSEC Q Series Q170MSCPU-S1Mitsubishi Electric Corporation · MELSEC Q Series Q172DCPU-S1Mitsubishi Electric Corporation · MELSEC Q Series Q172DSCPUMitsubishi Electric Corporation · MELSEC Q Series Q173DCPU-S1Mitsubishi Electric Corporation · MELSEC Q Series Q173DSCPUMitsubishi Electric Corporation · MELSEC Q Series Q20UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q24DHCCPU-LSMitsubishi Electric Corporation · MELSEC Q Series Q24DHCCPU-VMitsubishi Electric Corporation · MELSEC Q Series Q24DHCCPU-VGMitsubishi Electric Corporation · MELSEC Q Series Q26DHCCPU-LSMitsubishi Electric Corporation · MELSEC Q Series Q26UDEHCPUMitsubishi Electric Corporation · MELSEC Q Series Q26UDPVCPUMitsubishi Electric Corporation · MELSEC Q Series Q26UDVCPUMitsubishi Electric Corporation · MELSEC Q Series Q50UDEHCPU¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →