CVE-2021-20598

Summary

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password.

Affected Software

VendorProductVersion RangeStatus
n/aMELSEC iQ-R series CPU modules R08/16/32/120SFCPU; R08/16/32/120PSFCPUall versionsaffected

Weaknesses

  • Overly Restrictive Account Lockout Mechanism

ADP Enrichment

CVE Program Container

Additional References

References