CVE Vulnerabilities

CVE-2021-20610

Published: Dec 01, 2021 | Modified: Jun 02, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, MELSEC iQ-R Series R08/16/32/120SFCPU All versions, MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions 29 and prior, MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions 08 and prior, MELSEC iQ-R Series R16/32/64MTCPU Operating system software version 23 and prior, MELSEC iQ-R Series R12CCPU-V All versions, MELSEC Q Series Q03UDECPU The first 5 digits of serial No. 23121 and prior, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No. 23121 and prior, MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 23071 and prior, MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. 23071 and prior, MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. 24031 and prior, MELSEC Q Series Q24DHCCPU-V(G) The first 5 digits of serial No. 24031 and prior, MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No. 24031 and prior, MELSEC Q Series MR-MQ100 Operating system software version F and prior, MELSEC Q Series Q172/173DCPU-S1 Operating system software version W and prior, MELSEC Q Series Q172/173DSCPU All versions, MELSEC Q Series Q170MCPU Operating system software version W and prior, MELSEC Q Series Q170MSCPU(-S1) All versions, MELSEC L Series L02/06/26CPU(-P) The first 5 digits of serial No. 23121 and prior, MELSEC L Series L26CPU-(P)BT The first 5 digits of serial No. 23121 and prior and MELIPC Series MI5122-VW All versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

References