7.5 CVE-2021-20609

 

Uncontrolled Resource Consumption vulnerability in the following Mitsubishi Electric products allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Affected products:
- MELSEC iQ-R Series R00/01/02CPU: Firmware versions "24" and prior
- MELSEC iQ-R Series R04/08/16/32/120(EN)CPU: Firmware versions "57" and prior
- MELSEC iQ-R Series R08/16/32/120SFCPU: Firmware versions "28" and prior
- MELSEC iQ-R Series R08/16/32/120PCPU: Firmware versions "29" and prior
- MELSEC iQ-R Series R08/16/32/120PSFCPU: Firmware versions "08" and prior
- MELSEC iQ-R Series R16/32/64MTCPU: Operating system software version "23" and prior
- MELSEC iQ-R Series R12CCPU-V: Firmware versions "16" and prior
- MELSEC Q Series Q03UDECPU: The first 5 digits of serial No. "23121" and prior
- MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU: The first 5 digits of serial No. "23121" and prior
- MELSEC Q Series Q03/04/06/13/26UDVCPU: The first 5 digits of serial No. "23071" and prior
- MELSEC Q Series Q04/06/13/26UDPVCPU: The first 5 digits of serial No. "23071" and prior
- MELSEC Q Series Q12DCCPU-V: The first 5 digits of serial No. "24031" and prior
- MELSEC Q Series Q24DHCCPU-V(G): The first 5 digits of serial No. "24031" and prior
- MELSEC Q Series Q24/26DHCCPU-LS: The first 5 digits of serial No. "24031" and prior
- MELSEC Q Series MR-MQ100: Operating system software version "F" and prior
- MELSEC Q Series Q172/173DCPU-S1: Operating system software version "W" and prior
- MELSEC Q Series Q172/173DSCPU: All versions
- MELSEC Q Series Q170MCPU: Operating system software version "W" and prior
- MELSEC Q Series Q170MSCPU(-S1): All versions
- MELSEC L Series L02/06/26CPU(-P): The first 5 digits of serial No. "23121" and prior
- MELSEC L Series L26CPU-(P)BT: The first 5 digits of serial No. "23121" and prior
- MELIPC Series MI5122-VW: Firmware versions "05" and prior
https://nvd.nist.gov/vuln/detail/CVE-2021-20609

Categories

CWE-400 : Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Certain automated dynamic analysis techniques may be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and connections. The technique may involve generating a large number of requests to the software within a short time frame. While fuzzing is typically geared toward finding low-level implementation bugs, it can inadvertently find resource exhaustion problems. This can occur when the fuzzer generates a large number of test cases but does not restart the targeted software in between test cases. If an individual test case produces a crash, but it does not do so reliably, then an inability to handle resource exhaustion may be the cause.

Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold. Ensure that protocols have specific limits of scale placed on them. Ensure that all failures in resource allocation place the system into a safe posture.

- Chain: Python library does not limit the resources used to process images that specify a very large number of bands (CWE-1284), leading to excessive memory consumption (CWE-789) or an integer overflow (CWE-190).
- Go-based workload orchestrator does not limit resource usage with unauthenticated connections, allowing a DoS by flooding the service.
- Resource exhaustion in distributed OS because of "insufficient" IGMP queue management, as exploited in the wild per CISA KEV.
- Product allows attackers to cause a crash via a large number of connections.
- Malformed request triggers uncontrolled recursion, leading to stack exhaustion.
- Chain: memory leak (CWE-404) leads to resource exhaustion.
- Driver does not use a maximum width when invoking sscanf style functions, causing stack consumption.
- Large integer value for a length property in an object causes a large amount of memory allocation.
- Web application firewall consumes excessive memory when an HTTP request contains a large Content-Length value but no POST data.
- Product allows exhaustion of file descriptors when processing a large number of TCP packets.
- Communication product allows memory consumption with a large number of SIP requests, which cause many sessions to be created.
- TCP implementation allows attackers to consume CPU and prevent new connections using a TCP SYN flood attack.
- Port scan triggers CPU consumption with processes that attempt to read data from closed sockets.
- Product allows attackers to cause a denial of service via a large number of directives, each of which opens a separate window.
- Product allows resource exhaustion via a large number of calls that do not complete a 3-way handshake.
- Mail server does not properly handle deeply nested multipart MIME messages, leading to stack exhaustion.
- Chain: anti-virus product encounters a malformed file but returns from a function without closing a file descriptor (CWE-775) leading to file descriptor consumption (CWE-400) and failed scans.

CPE

cpe start end
Configuration 1
   cpe:2.3:o:mitsubishi:melsec_iq-r_r00_cpu_firmware:*:*:*:*:*:*:*:* <= 24
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r00_cpu:-:*:*:*:*:*:*:*
Configuration 2
   cpe:2.3:o:mitsubishi:melsec_iq-r_r01_cpu_firmware:*:*:*:*:*:*:*:* <= 24
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r01_cpu:-:*:*:*:*:*:*:*
Configuration 3
   cpe:2.3:o:mitsubishi:melsec_iq-r_r02_cpu_firmware:*:*:*:*:*:*:*:* <= 24
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r02_cpu:-:*:*:*:*:*:*:*
Configuration 4
   cpe:2.3:o:mitsubishi:melsec_iq-r_r04_cpu_firmware:*:*:*:*:*:*:*:* <= 57
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r04_cpu:-:*:*:*:*:*:*:*
Configuration 5
   cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:* <= 57
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r08_cpu:-:*:*:*:*:*:*:*
Configuration 6
   cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:* <= 57
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r120_cpu:-:*:*:*:*:*:*:*
Configuration 7
   cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:* <= 57
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r16_cpu:-:*:*:*:*:*:*:*
Configuration 8
   cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:* <= 57
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r32_cpu:-:*:*:*:*:*:*:*
Configuration 9
   cpe:2.3:o:mitsubishi:melsec_iq-r_r04_pcpu_firmware:*:*:*:*:*:*:*:* <= 29
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r04_pcpu:-:*:*:*:*:*:*:*
Configuration 10
   cpe:2.3:o:mitsubishi:melsec_iq-r_r08_pcpu_firmware:*:*:*:*:*:*:*:* <= 29
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r08_pcpu:-:*:*:*:*:*:*:*
Configuration 11
   cpe:2.3:o:mitsubishi:melsec_iq-r_r16_pcpu_firmware:*:*:*:*:*:*:*:* <= 29
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r16_pcpu:-:*:*:*:*:*:*:*
Configuration 12
   cpe:2.3:o:mitsubishi:melsec_iq-r_r32_pcpu_firmware:*:*:*:*:*:*:*:* <= 29
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r32_pcpu:-:*:*:*:*:*:*:*
Configuration 13
   cpe:2.3:o:mitsubishi:melsec_iq-r_r120_pcpu_firmware:*:*:*:*:*:*:*:* <= 29
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r120_pcpu:-:*:*:*:*:*:*:*
Configuration 14
   cpe:2.3:o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r08_sfcpu:-:*:*:*:*:*:*:*
Configuration 15
   cpe:2.3:o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r16_sfcpu:-:*:*:*:*:*:*:*
Configuration 16
   cpe:2.3:o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r32_sfcpu:-:*:*:*:*:*:*:*
Configuration 17
   cpe:2.3:o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r120_sfcpu:-:*:*:*:*:*:*:*
Configuration 18
   cpe:2.3:o:mitsubishi:melsec_iq-r_r16_mtcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r16_mtcpu:-:*:*:*:*:*:*:*
Configuration 19
   cpe:2.3:o:mitsubishi:melsec_iq-r_r32_mtcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r32_mtcpu:-:*:*:*:*:*:*:*
Configuration 20
   cpe:2.3:o:mitsubishi:melsec_iq-r_r64_mtcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r64_mtcpu:-:*:*:*:*:*:*:*
Configuration 21
   cpe:2.3:o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r12_ccpu-v:-:*:*:*:*:*:*:*
Configuration 22
   cpe:2.3:o:mitsubishi:melsec_q03udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q03udecpu:-:*:*:*:*:*:*:*
Configuration 23
   cpe:2.3:o:mitsubishi:melsec_q04udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q04udecpu:-:*:*:*:*:*:*:*
Configuration 24
   cpe:2.3:o:mitsubishi:melsec_q06udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q06udecpu:-:*:*:*:*:*:*:*
Configuration 25
   cpe:2.3:o:mitsubishi:melsec_q10udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q10udecpu:-:*:*:*:*:*:*:*
Configuration 26
   cpe:2.3:o:mitsubishi:melsec_q13udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q13udecpu:-:*:*:*:*:*:*:*
Configuration 27
   cpe:2.3:o:mitsubishi:melsec_q20udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q20udecpu:-:*:*:*:*:*:*:*
Configuration 28
   cpe:2.3:o:mitsubishi:melsec_q26udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q26udecpu:-:*:*:*:*:*:*:*
Configuration 29
   cpe:2.3:o:mitsubishi:melsec_q50udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q50udecpu:-:*:*:*:*:*:*:*
Configuration 30
   cpe:2.3:o:mitsubishi:melsec_q100udecpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q100udecpu:-:*:*:*:*:*:*:*
Configuration 31
   cpe:2.3:o:mitsubishi:melsec_q03udvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*
Configuration 32
   cpe:2.3:o:mitsubishi:melsec_q04udvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*
Configuration 33
   cpe:2.3:o:mitsubishi:melsec_q06udvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*
Configuration 34
   cpe:2.3:o:mitsubishi:melsec_q13udvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*
Configuration 35
   cpe:2.3:o:mitsubishi:melsec_q26udvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*
Configuration 36
   cpe:2.3:o:mitsubishi:melsec_q04udpvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q04udpvcpu:-:*:*:*:*:*:*:*
Configuration 37
   cpe:2.3:o:mitsubishi:melsec_q06udpvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*
Configuration 38
   cpe:2.3:o:mitsubishi:melsec_q13udpvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*
Configuration 39
   cpe:2.3:o:mitsubishi:melsec_q26udpvcpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*
Configuration 40
   cpe:2.3:o:mitsubishi:melsec_q12dccpu-v_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q12dccpu-v:-:*:*:*:*:*:*:*
Configuration 41
   cpe:2.3:o:mitsubishi:melsec_q24dhccpu-v(g)_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q24dhccpu-v(g):-:*:*:*:*:*:*:*
Configuration 42
   cpe:2.3:o:mitsubishi:melsec_q24dhccpu-ls_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q24dhccpu-ls:-:*:*:*:*:*:*:*
Configuration 43
   cpe:2.3:o:mitsubishi:melsec_q26dhccpu-ls_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q26dhccpu-ls:-:*:*:*:*:*:*:*
Configuration 44
   cpe:2.3:o:mitsubishi:melsec_mr-mq100_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_mr-mq100:-:*:*:*:*:*:*:*
Configuration 45
   cpe:2.3:o:mitsubishi:melsec_q172dcpu-s1_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q172dcpu-s1:-:*:*:*:*:*:*:*
Configuration 46
   cpe:2.3:o:mitsubishi:melsec_q173dcpu-s1_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q173dcpu-s1:-:*:*:*:*:*:*:*
Configuration 47
   cpe:2.3:o:mitsubishi:melsec_q172dscpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q172dscpu:-:*:*:*:*:*:*:*
Configuration 48
   cpe:2.3:o:mitsubishi:melsec_q173dscpu_firmware:-:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q173dscpu:-:*:*:*:*:*:*:*
Configuration 49
   cpe:2.3:o:mitsubishi:melsec_q170mscpu(-s1)_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q170mscpu(-s1):-:*:*:*:*:*:*:*
Configuration 50
   cpe:2.3:o:mitsubishi:melsec_q170mcpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_q170mcpu:-:*:*:*:*:*:*:*
Configuration 51
   cpe:2.3:o:mitsubishi:melipc_mi5122-vw_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melipc_mi5122-vw:-:*:*:*:*:*:*:*
Configuration 52
   cpe:2.3:o:mitsubishi:melsec_l26cpu-(p)bt_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_l26cpu-(p)bt:-:*:*:*:*:*:*:*
Configuration 53
   cpe:2.3:o:mitsubishi:melsec_l26cpu(-p)_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_l26cpu(-p):-:*:*:*:*:*:*:*
Configuration 54
   cpe:2.3:o:mitsubishi:melsec_l06cpu(-p)_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_l06cpu(-p):-:*:*:*:*:*:*:*
Configuration 55
   cpe:2.3:o:mitsubishi:melsec_l02cpu(-p)_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_l02cpu(-p):-:*:*:*:*:*:*:*
Configuration 56
   cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r08_cpu:*:*:*:*:*:*:*:*
Configuration 57
   cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r16_cpu:-:*:*:*:*:*:*:*
Configuration 58
   cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r32_cpu:-:*:*:*:*:*:*:*
Configuration 59
   cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:*
  Running on/with
  cpe:2.3:h:mitsubishi:melsec_iq-r_r120_cpu:-:*:*:*:*:*:*:*

Exploits

Exploit-db.com
id description date
No known exploits
Other (github, ...)
Url
No known exploits

CAPEC

id description severity
492 Regular Expression Exponential Blowup
147 XML Ping of the Death
Medium
