Product:

R120psfcpu_firmware

(Mitsubishielectric)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2020-11-20 CVE-2020-5668 Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier,... R00cpu_firmware, R01cpu_firmware, R02cpu_firmware, R04cpu_firmware, R08cpu_firmware, R08pcpu_firmware, R08psfcpu_firmware, R08sfcpu_firmware, R120cpu_firmware, R120pcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16cpu_firmware, R16pcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32cpu_firmware, R32pcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware, Rj71c24\-R2_firmware, Rj71c24\-R4_firmware, Rj71en71_firmware, Rj71gf11\-T2_firmware, Rj71gn11\-T2_firmware, Rj71gp21\-Sx_firmware, Rj71gp21s\-Sx_firmware, Rj72gf15\-T2_firmware 7.5
2021-06-11 CVE-2021-20591 Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition. R00cpu_firmware, R01cpu_firmware, R02cpu_firmware, R04cpu_firmware, R08cpu_firmware, R08pcpu_firmware, R08psfcpu_firmware, R08sfcpu_firmware, R120cpu_firmware, R120pcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16cpu_firmware, R16pcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32cpu_firmware, R32pcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 7.5
2021-08-06 CVE-2021-20594 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via brute-force attack on user names. R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 7.5
2021-08-06 CVE-2021-20597 Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to the target unauthorizedly by sniffing network traffic and obtaining credentials when registering user information in the target or changing a password. R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 9.1
2021-08-06 CVE-2021-20598 Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password. R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 5.3
2021-10-14 CVE-2021-20599 Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password. R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 7.5
2024-02-13 CVE-2023-6815 Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet. R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware 6.5