JVNDB-2020-001591
|
Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000
|
MELSEC C Controller Module and MELIPC Series MI5000 provided by Mitsubishi Electric Corporation are affected by multiple vulnerabilities that stem from the "URGENT/11" vulnerabilities in the TCP/IP function (IPnet) of VxWorks, a real-time OS distributed by Wind River.
* Q24DHCCPU-V and Q24DHCCPU-VG
  * Buffer Error (CWE-119) - CVE-2019-12255
  * Buffer Error (CWE-119) - CVE-2019-12257
  * Session Fixation (CWE-384) - CVE-2019-12258
  * NULL Pointer Dereference (CWE-476) - CVE-2019-12259
  * Buffer Error (CWE-119) - CVE-2019-12261
  * Improper Access Control (CWE-284) - CVE-2019-12262
  * Buffer Error (CWE-119) - CVE-2019-12263
  * Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88) - CVE-2019-12264
  * Improper Management of System Resources (CWE-399) - CVE-2019-12265
* R12CCPU-V and RD55UP06-V
  * Buffer Error (CWE-119) - CVE-2019-12256
  * Session Fixation (CWE-384) - CVE-2019-12258
  * NULL Pointer Dereference (CWE-476) - CVE-2019-12259
  * Buffer Error (CWE-119) - CVE-2019-12261
  * Improper Access Control (CWE-284) - CVE-2019-12262
  * Buffer Error (CWE-119) - CVE-2019-12263
  * Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88) - CVE-2019-12264
  * Improper Management of System Resources (CWE-399) - CVE-2019-12265
* MI5122-VW
  * Buffer Error (CWE-119) - CVE-2019-12256
  * Session Fixation (CWE-384) - CVE-2019-12258
  * NULL Pointer Dereference (CWE-476) - CVE-2019-12259
  * Buffer Error (CWE-119) - CVE-2019-12260
  * Buffer Error (CWE-119) - CVE-2019-12261
  * Improper Access Control (CWE-284) - CVE-2019-12262
  * Buffer Error (CWE-119) - CVE-2019-12263
  * Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88) - CVE-2019-12264
  * Improper Management of System Resources (CWE-399) - CVE-2019-12265
For the details, refer to the information provided by the developer.
|
Mitsubishi Electric
- MELIPC Series MI5000 MI5122-VW Ethernet port (CH1): First 2 digits of serial number are 03 or before, or the firmware version is 03 or before
- MELSEC iQ-R Series C Intelligent Function Module R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number are 11 or before
- MELSEC iQ-R Series C Intelligent Function Module RD55UP06-V Ethernet port: First 2 digits of serial number are 08 or before
- MELSEC iQ-R Series C Controller Module R12CCPU-V Ethernet port (CH1, CH2): First 2 digits of serial number are 11 or before
- MELSEC iQ-R Series C Controller Module RD55UP06-V Ethernet port: First 2 digits of serial number are 08 or before
- MELSEC-Q Series C Controller Module Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number are 21121 or before
|
For the details, refer to the information provided by the developer.
|
Receiving a TCP packet crafted by a remote attacker may cause a denial-of-service (DoS) condition or allow malware to be executed.
|
[Update the Firmware]
Apply the appropriate firmware update according to the information provided by the developer.
[MELSEC-Q Series C Controller Module]
* Q24DHCCPU-V, Q24DHCCPU-VG: First 5 digits of serial number are "21122" or later
[MELSEC iQ-R Series C Controller Module / C Intelligent Function Module]
* R12CCPU-V: First 2 digits of serial number are "12" or later
* RD55UP06-V: First 2 digits of serial number are "09" or later
[MELIPC Series MI5000]
* MI5122-VW: First 2 digits of serial number are "04" or later, or the firmware version is "04" or later
[Apply the Workaround]
Applying the following workaround may mitigate the impacts of the vulnerabilities.
* Restrict access to the network
For the details, refer to the information provided by the developer.
|
Mitsubishi Electric
|
- CVE-2020-5531
|
- JVN : JVNVU#95424547
- National Vulnerability Database (NVD) : CVE-2020-5531
- ICS-CERT ADVISORY : ICSA-19-274-01
- Related document : TCP/IP Network Stack (IPnet, Urgent/11)
|
- [2020/02/18]
Web page was published