Skip to content

RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks #3319

New issue
New issue
Open
Open
RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks#3319
Labels
triageNeeds triagevendor: Mitsubishi Electricvulnerability
@rvd-bot

Description

@rvd-bot
rvd-bot
opened on Jul 4, 2020
id: 3319
title: 'RVD#3319: Uncontrolled resource consumption vulnerability in Mitsubishi products allows denial of service (DoS) attacks'
type: vulnerability
description: Uncontrolled resource consumption vulnerability in Mitsubishi Electoric
  FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and earlier,
  CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator)
  Ver. 1.010L and earlier, GT Designer3 (GOT2000) Ver. 1.221F and earlier, GX LogViewer
  Ver. 1.96A and earlier, GX Works2 Ver. 1.586L and earlier, GX Works3 Ver. 1.058L
  and earlier, M_CommDTM-HART Ver. 1.00A, M_CommDTM-IO-Link Ver. 1.02C and earlier,
  MELFA-Works Ver. 4.3 and earlier, MELSEC-L Flexible High-Speed I/O Control Module
  Configuration Tool Ver.1.004E and earlier, MELSOFT FieldDeviceConfigurator Ver.
  1.03D and earlier, MELSOFT iQ AppPortal Ver. 1.11M and earlier, MELSOFT Navigator
  Ver. 2.58L and earlier, MI Configurator Ver. 1.003D and earlier, Motion Control
  Setting Ver. 1.005F and earlier, MR Configurator2 Ver. 1.72A and earlier, MT Works2
  Ver. 1.156N and earlier, RT ToolBox2 Ver. 3.72A and earlier, and RT ToolBox3 Ver.
  1.50C and earlier) allows an attacker to cause a denial of service (DoS) condition
  attacks via unspecified vectors.
cwe: None
cve: CVE-2020-5603
keywords: ''
system: ''
vendor: "Mitsubishi"
severity:
  rvss-score: 0
  rvss-vector: ''
  severity-description: ''
  cvss-score: 0.0
  cvss-vector: CVSS:3.0/NONE
links:
- https://nvd.nist.gov/vuln/detail/CVE-2020-5603
- https://vulners.com/cve/CVE-2020-5603
- https://github.com/aliasrobotics/RVD/issues/3319
flaw:
  phase: unknown
  specificity: N/A
  architectural-location: N/A
  application: N/A
  subsystem: N/A
  package: N/A
  languages: None
  date-detected: '2020-06-30'
  detected-by: ''
  detected-by-method: N/A
  date-reported: '2020-07-01'
  reported-by: ''
  reported-by-relationship: N/A
  issue: https://github.com/aliasrobotics/RVD/issues/3319
  reproducibility: ''
  trace: ''
  reproduction: ''
  reproduction-image: ''
exploitation:
  description: ''
  exploitation-image: ''
  exploitation-vector: ''
  exploitation-recipe: ''
mitigation:
  description: ''
  pull-request: ''
  date-mitigation: ''

Metadata

Metadata

Assignees

No one assigned

    Labels

    triageNeeds triagevendor: Mitsubishi Electricvulnerability

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions