CVE-2021-20586

Description

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controller "CR800-*HRD" of RH-*FRHR***-D-* all versions, controller "CR800-*V*R with R16RTCPU" of RV-*FR***-R-* all versions, controller "CR800-*HR with R16RTCPU" of RH-*FRH***-R-* all versions, controller "CR800-*HRR with R16RTCPU" of RH-*FRHR***-R-* all versions, controller "CR800-*V*Q with Q172DSRCPU" of RV-*FR***-Q-* all versions, controller "CR800-*HQ with Q172DSRCPU" of RH-*FRH***-Q-* all versions, controller "CR800-*HRQ with Q172DSRCPU" of RH-*FRHR***-Q-* all versions) and a robot controller of MELFA CR Series(controller "CR800-CVD" of RV-8CRL-D-* all versions, controller "CR800-CHD" of RH-*CRH**-D-* all versions) as well as a cooperative robot ASSISTA(controller "CR800-05VD" of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time. As a result of DoS, an error may occur. A reset is required to recover it if the error occurs.

7.5
CVSS
Severity: High
CVSS 3.1 •
CVSS 2.0 •
EPSS 2.01% Top 20%
Vendor Advisory mitsubishielectric.com
Affected: n/a Robot Controller MELFA FR Series; Robot Controller CR Series; Cooperative Robot ASSISTA
Published at:
Updated at:

References

Link Tags
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-019_en.pdf vendor advisory

Frequently Asked Questions

What is the severity of CVE-2021-20586?
CVE-2021-20586 has been scored as a high severity vulnerability.
How to fix CVE-2021-20586?
To fix CVE-2021-20586, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-20586 being actively exploited in the wild?
It is possible that CVE-2021-20586 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~2% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-20586?
CVE-2021-20586 affects n/a Robot Controller MELFA FR Series; Robot Controller CR Series; Cooperative Robot ASSISTA.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.