CVE-2019-13555

Published Nov 13, 2019

Last updated 5 years ago

CVSS medium 5.9

Overview

Description: In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3FFA52F-3934-465F-B9E6-615ABE53DCE2",
            "versionEndIncluding": "21081"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:q03\\/04\\/06\\/13\\/26udvcpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BADFAFAD-D3A2-4802-BB8B-46340D3D9550"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73DD8BA5-CFE9-4CE2-9FB4-03588EA7CE76",
            "versionEndIncluding": "21081"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/13\\/26udpvcpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F44F9695-BD0E-48E8-B0B4-5BF6DF07B612"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:q03udecpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C9E2B6C-0039-447A-8513-01D84C44AC06",
            "versionEndIncluding": "21081"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:q03udecpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "946DA26E-A6B2-46F6-BA81-A92133124823"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092CBA40-1034-4E91-9576-01895AF686ED",
            "versionEndIncluding": "21081"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:q04\\/06\\/10\\/13\\/20\\/26\\/50\\/100udehcpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C0C545FF-8695-4F1C-BAD7-EFF6731908D2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AF8CDCC-8A45-449B-84A7-417ADF536199",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9358A26E-5619-429F-B446-D6F7E9914889"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C33950-5B33-4315-88D9-4B8107847ECD",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3966C103-5181-49E3-878F-A0AF9F1DBA76"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BFAA052-A72F-401D-91BC-6D8276A11D6D",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "069CB556-4AEB-43E0-91AC-1A69F2C833D9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F529865-DB4B-4A94-B950-79F01D92F7CB",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A60BE93D-B60D-4F45-ACD3-7B64C0C45D83"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l02\\/06\\/26cpu-cm_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9CE2836-0F6F-4C78-A5EC-547E9409E31E",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l02\\/06\\/26cpu-cm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93AE7089-00AD-412A-82F5-892421130C18"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mitsubishielectric:l26cpu-bt-cm_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9A4ABB1-4BEA-474A-9215-968825B12B7A",
            "versionEndIncluding": "21101"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mitsubishielectric:l26cpu-bt-cm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "553A2CEB-5528-4A9E-800E-D91E5A3C49AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References