Unrated severityNVD Advisory· Published Oct 14, 2021· Updated Aug 3, 2024
CVE-2021-20599
CVE-2021-20599
Description
Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9<= 26+ 4 more
- (no CPE)range: <= 26
- (no CPE)range: Firmware versions "26" and prior
- (no CPE)range: Firmware versions "26" and prior
- (no CPE)range: Firmware versions "26" and prior
- (no CPE)range: Firmware versions "26" and prior
- Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R08PSFCPUv5Range: Firmware versions "11" and prior
- Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R120PSFCPUv5Range: Firmware versions "11" and prior
- Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R16PSFCPUv5Range: Firmware versions "11" and prior
- Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R32PSFCPUv5Range: Firmware versions "11" and prior
Patches
Vulnerability mechanics
References
3- www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-011_en.pdfmitrevendor-advisory
- jvn.jp/vu/JVNVU98578731mitregovernment-resource
- www.cisa.gov/uscert/ics/advisories/icsa-21-287-03mitregovernment-resource
News mentions
0No linked articles in our index yet.