CVE-2021-20596

NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:mitsubishielectric:fx3u-enet-l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:fx3u-enet-p502_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:fx3u-enet_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:46

Type Values Removed Values Added
References () https://jvn.jp/vu/JVNVU94348759/index.html - Patch, Third Party Advisory () https://jvn.jp/vu/JVNVU94348759/index.html - Patch, Third Party Advisory
References () https://us-cert.cisa.gov/ics/advisories/icsa-21-201-01 - Third Party Advisory () https://us-cert.cisa.gov/ics/advisories/icsa-21-201-01 - Third Party Advisory
References () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-006_en.pdf - Patch, Vendor Advisory () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-006_en.pdf - Patch, Vendor Advisory

Information

Published : 2021-07-22 12:15

Updated : 2024-11-21 05:46


NVD link : CVE-2021-20596

Mitre link : CVE-2021-20596

CVE.ORG link : CVE-2021-20596


JSON object : View

Products Affected

mitsubishielectric

  • fx3u-enet-p502_firmware
  • fx3u-enet_firmware
  • fx3u-enet-l_firmware
CWE
CWE-476

NULL Pointer Dereference