R120psfcpu_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
R120psfcpu_firmware
(Mitsubishielectric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	6

Date	Id	Summary	Products	Score	Patch	Annotated
2021-10-14	CVE-2021-20599	Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.	R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware	7.5
2021-08-06	CVE-2021-20594	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via brute-force attack on user names.	R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware	7.5
2021-08-06	CVE-2021-20597	Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to login to the target unauthorizedly by sniffing network traffic and obtaining credentials when registering user information in the target or changing a password.	R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware	9.1
2020-11-20	CVE-2020-5668	Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier,...	R00cpu_firmware, R01cpu_firmware, R02cpu_firmware, R04cpu_firmware, R08cpu_firmware, R08pcpu_firmware, R08psfcpu_firmware, R08sfcpu_firmware, R120cpu_firmware, R120pcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16cpu_firmware, R16pcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32cpu_firmware, R32pcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware, Rj71c24\-R2_firmware, Rj71c24\-R4_firmware, Rj71en71_firmware, Rj71gf11\-T2_firmware, Rj71gn11\-T2_firmware, Rj71gp21\-Sx_firmware, Rj71gp21s\-Sx_firmware, Rj72gf15\-T2_firmware	7.5
2021-08-06	CVE-2021-20598	Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password.	R08psfcpu_firmware, R08sfcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware	5.3
2021-06-11	CVE-2021-20591	Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition.	R00cpu_firmware, R01cpu_firmware, R02cpu_firmware, R04cpu_firmware, R08cpu_firmware, R08pcpu_firmware, R08psfcpu_firmware, R08sfcpu_firmware, R120cpu_firmware, R120pcpu_firmware, R120psfcpu_firmware, R120sfcpu_firmware, R16cpu_firmware, R16pcpu_firmware, R16psfcpu_firmware, R16sfcpu_firmware, R32cpu_firmware, R32pcpu_firmware, R32psfcpu_firmware, R32sfcpu_firmware	7.5