Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2020-10-30T03:35:54

Updated: 2020-10-30T03:35:53

Reserved: 2020-01-06T00:00:00


Link: CVE-2020-5657

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2020-11-02T21:15:34.023

Modified: 2020-11-10T14:22:51.190


Link: CVE-2020-5657

JSON object: View

cve-icon Redhat Information

No data.

CWE