CVE-2021-20610

Description

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Category

7.5
CVSS
Severity: High
CVSS 3.1 •
CVSS 2.0 •
EPSS 0.81% Top 30%
Vendor Advisory mitsubishielectric.com
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R00CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R01CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R02CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R04CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R08CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R120CPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R04ENCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R08ENCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16ENCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32ENCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R120ENCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R08SFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16SFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32SFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R120SFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R08PCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16PCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32PCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R120PCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R08PSFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16PSFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32PSFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R120PSFCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R16MTCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R32MTCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R64MTCPU
Affected: Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q03UDECPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q04UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q06UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q10UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q13UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q20UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q26UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q50UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q100UDEHCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q03UDVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q04UDVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q06UDVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q13UDVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q26UDVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q04UDPVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q06UDPVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q13UDPVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q26UDPVCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q12DCCPU-V
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-V
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-VG
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-LS
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q26DHCCPU-LS
Affected: Mitsubishi Electric Corporation MELSEC Q Series MR-MQ100
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q172DCPU-S1
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q173DCPU-S1
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q172DSCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q173DSCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q170MCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q170MSCPU
Affected: Mitsubishi Electric Corporation MELSEC Q Series Q170MSCPU-S1
Affected: Mitsubishi Electric Corporation MELSEC L Series L02CPU
Affected: Mitsubishi Electric Corporation MELSEC L Series L06CPU
Affected: Mitsubishi Electric Corporation MELSEC L Series L26CPU
Affected: Mitsubishi Electric Corporation MELSEC L Series L02CPU-P
Affected: Mitsubishi Electric Corporation MELSEC L Series L06CPU-P
Affected: Mitsubishi Electric Corporation MELSEC L Series L26CPU-P
Affected: Mitsubishi Electric Corporation MELSEC L Series L26CPU-BT
Affected: Mitsubishi Electric Corporation MELSEC L Series L26CPU-PBT
Affected: Mitsubishi Electric Corporation MELIPC Series MI5122-VW
Published at:
Updated at:

References

Link Tags
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-019_en.pdf vendor advisory
https://jvn.jp/vu/JVNVU94434051/index.html third party advisory government resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-334-02 government resource third party advisory us government resource

Frequently Asked Questions

What is the severity of CVE-2021-20610?
CVE-2021-20610 has been scored as a high severity vulnerability.
How to fix CVE-2021-20610?
To fix CVE-2021-20610, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-20610 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-20610 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-20610?
CVE-2021-20610 affects Mitsubishi Electric Corporation MELSEC iQ-R Series R00CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R01CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R02CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R04CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R08CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R120CPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R04ENCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R08ENCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16ENCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32ENCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R120ENCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R08SFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16SFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32SFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R120SFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R08PCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16PCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32PCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R120PCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R08PSFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16PSFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32PSFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R120PSFCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R16MTCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R32MTCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R64MTCPU, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V, Mitsubishi Electric Corporation MELSEC Q Series Q03UDECPU, Mitsubishi Electric Corporation MELSEC Q Series Q04UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q06UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q10UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q13UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q20UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q26UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q50UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q100UDEHCPU, Mitsubishi Electric Corporation MELSEC Q Series Q03UDVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q04UDVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q06UDVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q13UDVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q26UDVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q04UDPVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q06UDPVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q13UDPVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q26UDPVCPU, Mitsubishi Electric Corporation MELSEC Q Series Q12DCCPU-V, Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-V , Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-VG, Mitsubishi Electric Corporation MELSEC Q Series Q24DHCCPU-LS, Mitsubishi Electric Corporation MELSEC Q Series Q26DHCCPU-LS, Mitsubishi Electric Corporation MELSEC Q Series MR-MQ100, Mitsubishi Electric Corporation MELSEC Q Series Q172DCPU-S1, Mitsubishi Electric Corporation MELSEC Q Series Q173DCPU-S1, Mitsubishi Electric Corporation MELSEC Q Series Q172DSCPU, Mitsubishi Electric Corporation MELSEC Q Series Q173DSCPU, Mitsubishi Electric Corporation MELSEC Q Series Q170MCPU, Mitsubishi Electric Corporation MELSEC Q Series Q170MSCPU, Mitsubishi Electric Corporation MELSEC Q Series Q170MSCPU-S1, Mitsubishi Electric Corporation MELSEC L Series L02CPU, Mitsubishi Electric Corporation MELSEC L Series L06CPU, Mitsubishi Electric Corporation MELSEC L Series L26CPU, Mitsubishi Electric Corporation MELSEC L Series L02CPU-P, Mitsubishi Electric Corporation MELSEC L Series L06CPU-P, Mitsubishi Electric Corporation MELSEC L Series L26CPU-P, Mitsubishi Electric Corporation MELSEC L Series L26CPU-BT, Mitsubishi Electric Corporation MELSEC L Series L26CPU-PBT, Mitsubishi Electric Corporation MELIPC Series MI5122-VW.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.