CVE-2019-6535
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mitsubishi Electric | Q03/04/06/13/26UDVCPU | 0 <= serial number 20081 | affected |
| Mitsubishi Electric | Q04/06/13/26UDPVCPU | 0 <= serial number 20081 | affected |
| Mitsubishi Electric | Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU | 0 <= serial number 20101 | affected |
Weaknesses
- CWE-400: CWE-400
ADP Enrichment
CVE Program Container
Additional References
References
- http://www.securityfocus.com/bid/106771
- https://www.cisa.gov/news-events/ics-advisories/icsa-19-029-02
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.