2020-11-20 03:30:23
jpcert
PUBLISHED
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version 19 and earlier, R04/08/16/32/120 (EN) CPU firmware version 51 and earlier, R08/16/32/120SFCPU firmware version 22 and earlier, R08/16/32/120PCPU firmware version 25 and earlier, R08/16/32/120PSFCPU firmware version 06 and earlier, RJ71EN71 firmware version 47 and earlier, RJ71GF11-T2 firmware version 47 and earlier, RJ72GF15-T2 firmware version 07 and earlier, RJ71GP21-SX firmware version 47 and earlier, RJ71GP21S-SX firmware version 47 and earlier, and RJ71GN11-T2 firmware version 11 and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet