Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU93268332/index.html | Third Party Advisory VDB Entry |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-01 | Third Party Advisory US Government Resource |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-023_en.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Mitsubishi
Published: 2022-01-14T19:04:45
Updated: 2022-01-14T19:04:45
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20612
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-14T20:15:09.850
Modified: 2023-08-08T14:21:49.707
Link: CVE-2021-20612
JSON object: View
Redhat Information
No data.
CWE