Remote Resource Management Errors in TCP/IP Function of MELSEC iQ-R Series: Network Disruption Vulnerability

Remote Resource Management Errors in TCP/IP Function of MELSEC iQ-R Series: Network Disruption Vulnerability

CVE-2020-5658 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet.

Learn more about our Cis Benchmark Audit For Server Software.