Vulnerability Details CVE-2020-5594
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3 and/or GX Works2 via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://jvn.jp/en/vu/JVNVU91424496/index.html
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-003.pdf
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-003_en.pdf
- https://jvn.jp/en/vu/JVNVU91424496/index.html
- https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-003.pdf
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-003_en.pdf
Products affected by CVE-2020-5594
-
cpe:2.3:h:mitsubishielectric:melsec-fx:-
-
cpe:2.3:h:mitsubishielectric:melsec-l:-
-
cpe:2.3:h:mitsubishielectric:melsec-q:-
-
cpe:2.3:h:mitsubishielectric:melsec_iq-f:-
-
cpe:2.3:h:mitsubishielectric:melsec_iq-r:-
-
cpe:2.3:o:mitsubishielectric:melsec-fx_firmware:-
-
cpe:2.3:o:mitsubishielectric:melsec-l_firmware:-
-
cpe:2.3:o:mitsubishielectric:melsec-q_firmware:-
-
cpe:2.3:o:mitsubishielectric:melsec_iq-f_firmware:-
-
cpe:2.3:o:mitsubishielectric:melsec_iq-r_firmware:-