CVE-2020-16850 : Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated att

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.

Published 2020-11-30 22:15:11

Updated 2021-07-21 11:39:24

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2020-16850

Mitsubishielectric » R00cpu Firmware
Versions up to, including, (<=) 20
cpe:2.3:o:mitsubishielectric:r00cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R00cpu » Version: N/A
Mitsubishielectric » R01cpu Firmware
Versions up to, including, (<=) 20
cpe:2.3:o:mitsubishielectric:r01cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R01cpu » Version: N/A
Mitsubishielectric » R02cpu Firmware
Versions up to, including, (<=) 20
cpe:2.3:o:mitsubishielectric:r02cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R02cpu » Version: N/A
Mitsubishielectric » R04cpu Firmware
Versions up to, including, (<=) 52
cpe:2.3:o:mitsubishielectric:r04cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R04cpu » Version: N/A
Mitsubishielectric » R08cpu Firmware
Versions up to, including, (<=) 52
cpe:2.3:o:mitsubishielectric:r08cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R08cpu » Version: N/A
Mitsubishielectric » R16cpu Firmware
Versions up to, including, (<=) 52
cpe:2.3:o:mitsubishielectric:r16cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R16cpu » Version: N/A
Mitsubishielectric » R32cpu Firmware
Versions up to, including, (<=) 52
cpe:2.3:o:mitsubishielectric:r32cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R32cpu » Version: N/A
Mitsubishielectric » R120cpu Firmware
Versions up to, including, (<=) 52
cpe:2.3:o:mitsubishielectric:r120cpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R120cpu » Version: N/A
Mitsubishielectric » R08sfcpu Firmware
Versions up to, including, (<=) 22
cpe:2.3:o:mitsubishielectric:r08sfcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R08sfcpu » Version: N/A
Mitsubishielectric » R16sfcpu Firmware
Versions up to, including, (<=) 22
cpe:2.3:o:mitsubishielectric:r16sfcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R16sfcpu » Version: N/A
Mitsubishielectric » R32sfcpu Firmware
Versions up to, including, (<=) 22
cpe:2.3:o:mitsubishielectric:r32sfcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R32sfcpu » Version: N/A
Mitsubishielectric » R120sfcpu Firmware
Versions up to, including, (<=) 22
cpe:2.3:o:mitsubishielectric:r120sfcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R120sfcpu » Version: N/A
Mitsubishielectric » R08pcpu Firmware
cpe:2.3:o:mitsubishielectric:r08pcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R08pcpu » Version: N/A
Mitsubishielectric » R16pcpu Firmware
cpe:2.3:o:mitsubishielectric:r16pcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R16pcpu » Version: N/A
Mitsubishielectric » R32pcpu Firmware
cpe:2.3:o:mitsubishielectric:r32pcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R32pcpu » Version: N/A
Mitsubishielectric » R120pcpu Firmware
cpe:2.3:o:mitsubishielectric:r120pcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R120pcpu » Version: N/A
Mitsubishielectric » R16mtcpu Firmware
cpe:2.3:o:mitsubishielectric:r16mtcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R16mtcpu » Version: N/A
Mitsubishielectric » R32mtcpu Firmware
cpe:2.3:o:mitsubishielectric:r32mtcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R32mtcpu » Version: N/A
Mitsubishielectric » R64mtcpu Firmware
cpe:2.3:o:mitsubishielectric:r64mtcpu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Mitsubishielectric » R64mtcpu » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-16850

EPSS FAQ

0.28%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 49 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-16850

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2020-16850

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-16850

https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series

CVSS 8.6 DoS Vulnerability in Mitsubishi Electric MELSEC iQ-R Series CPU
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02

Mitsubishi Electric MELSEC iQ-R Series (Update A) | CISA
Third Party Advisory;US Government Resource

Jump to

Vulnerability Details : CVE-2020-16850

Products affected by CVE-2020-16850

Exploit prediction scoring system (EPSS) score for CVE-2020-16850

CVSS scores for CVE-2020-16850

CWE ids for CVE-2020-16850

References for CVE-2020-16850