CVE-2020-5531

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 21121 or before), MELSEC iQ-R Series C Controller Module / C Intelligent Function Module(R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number 11 or before, and RD55UP06-V Ethernet port: First 2 digits of serial number 08 or before), and MELIPC Series MI5000(MI5122-VW Ethernet port (CH1): First 2 digits of serial number 03 or before, or the firmware version 03 or before) allow remote attackers to cause a denial of service and/or malware being executed via unspecified vectors.

Published: Feb 17, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-5531
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mitsubishielectric / mi5122-vw_firmware	-	03.x
mitsubishielectric / q24dhccpu-v_firmware	-	21121.x
mitsubishielectric / q24dhccpu-vg_firmware	-	21121.x
mitsubishielectric / r12ccpu-v_firmware	-	11.x
mitsubishielectric / rd55up06-v_firmware	-	08.x

Vulnerability Database

289,871

CVE-2020-5531