Uncontrolled Resource Consumption in Mitsubishi Electric MELSEC iQ-R and Q Series
CVE-2021-20609
7.5HIGH
Key Information:
- Status
- Vendor
- CVE Published:
- 1 December 2021
What is CVE-2021-20609?
The vulnerability allows a remote unauthenticated attacker to exploit MELSEC iQ-R and Q Series devices by sending specially crafted packets. This can trigger a denial-of-service (DoS) condition, necessitating a system reset for recovery. Affected products include a wide range of CPUs, making this a significant concern for network stability and security.
Affected Version(s)
MELIPC Series MI5122-VW Firmware versions "05" and prior
MELSEC iQ-R Series R00CPU Firmware versions "24" and prior
MELSEC iQ-R Series R01CPU Firmware versions "24" and prior