9.8
CVE-2020-5531
- EPSS 1.98%
- Veröffentlicht 17.02.2020 07:15:16
- Zuletzt bearbeitet 21.11.2024 05:34:13
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginMitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 21121 or before), MELSEC iQ-R Series C Controller Module / C Intelligent Function Module(R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number 11 or before, and RD55UP06-V Ethernet port: First 2 digits of serial number 08 or before), and MELIPC Series MI5000(MI5122-VW Ethernet port (CH1): First 2 digits of serial number 03 or before, or the firmware version 03 or before) allow remote attackers to cause a denial of service and/or malware being executed via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mitsubishielectric ≫ Mi5122-vw Firmware Version <= 03
Mitsubishielectric ≫ Q24dhccpu-v Firmware Version <= 21121
Mitsubishielectric ≫ Q24dhccpu-vg Firmware Version <= 21121
Mitsubishielectric ≫ R12ccpu-v Firmware Version <= 11
Mitsubishielectric ≫ Rd55up06-v Firmware Version <= 08
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.98% | 0.779 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
https://jvn.jp/en/vu/JVNVU95424547/index.html
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-003_en.pdf