Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 28 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions 29 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions 08 and prior, Mitsubishi Electric MELSEC iQ-R Series R16/32/64MTCPU Operating system software version 23 and prior, Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V Firmware versions 16 and prior, Mitsubishi Electric MELSEC Q Series Q03UDECPU The first 5 digits of serial No. 23121 and prior, Mitsubishi Electric MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No. 23121 and prior, Mitsubishi Electric MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 23071 and prior, Mitsubishi Electric MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. 23071 and prior, Mitsubishi Electric MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. 24031 and prior, Mitsubishi Electric MELSEC Q Series Q24DHCCPU-V(G) The first 5 digits of serial No. 24031 and prior, Mitsubishi Electric MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No.
24031 and prior, Mitsubishi Electric MELSEC Q Series MR-MQ100 Operating system software version F and prior, Mitsubishi Electric MELSEC Q Series Q172/173DCPU-S1 Operating system software version W and prior, Mitsubishi Electric MELSEC Q Series Q172/173DSCPU All versions, Mitsubishi Electric MELSEC Q Series Q170MCPU Operating system software version W and prior, Mitsubishi Electric MELSEC Q Series Q170MSCPU(-S1) All versions, Mitsubishi Electric MELSEC L Series L02/06/26CPU(-P) The first 5 digits of serial No. 23121 and prior, Mitsubishi Electric MELSEC L Series L26CPU-(P)BT The first 5 digits of serial No. 23121 and prior and Mitsubishi Electric MELIPC Series MI5122-VW Firmware versions 05 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Detections

Analytics

Mitsubishi Electric MELSEC and MELIPC Series Improper Input Validation (CVE-2021-20611)

high Tenable OT Security Plugin ID 500797

Version 1.2