VYPR
Unrated severityNVD Advisory· Published Oct 14, 2021· Updated Aug 3, 2024

CVE-2021-20599

CVE-2021-20599

Description

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • <= 26+ 4 more
    • (no CPE)range: <= 26
    • (no CPE)range: Firmware versions "26" and prior
    • (no CPE)range: Firmware versions "26" and prior
    • (no CPE)range: Firmware versions "26" and prior
    • (no CPE)range: Firmware versions "26" and prior
  • Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R08PSFCPUv5
    Range: Firmware versions "11" and prior
  • Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R120PSFCPUv5
    Range: Firmware versions "11" and prior
  • Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R16PSFCPUv5
    Range: Firmware versions "11" and prior
  • Mitsubishi Electric Corporation/MELSEC iQ-R series SIL2 Process CPU R32PSFCPUv5
    Range: Firmware versions "11" and prior

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.