Uncontrolled Resource Consumption in MELSEC iQ-R Series CPU Modules by Mitsubishi Electric
CVE-2020-5666
Key Information:
- Vendor
- CVE Published:
- 16 November 2020
What is CVE-2020-5666?
A vulnerability in MELSEC iQ-R Series CPU Modules allows remote attackers to exploit uncontrolled resource consumption. By sending specially crafted HTTP packets, an attacker can induce errors in the CPU unit's functionality, potentially leading to denial-of-service conditions affecting the execution of programs and communications. This vulnerability impacts specific firmware versions across several models, emphasizing the importance of updating systems and implementing security measures to mitigate risks.
Affected Version(s)
MELSEC iQ-R Series CPU Modules R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51'
References
EPSS Score
14% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved