{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T02:52:12.526","vulnerabilities":[{"cve":{"id":"CVE-2020-5666","sourceIdentifier":"vultures@jpcert.or.jp","published":"2020-11-16T01:15:13.327","lastModified":"2026-06-17T03:22:03.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may lead to a denial-of-service (DoS) condition in execution of the program and its communication."},{"lang":"es","value":"Una vulnerabilidad de consumo de recursos no controlado en MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versiones desde \"05\" hasta \"19\" y R04/08/16/32/120(EN)CPU Firmware versiones desde \"35\" hasta \"51\"), permite a un atacante remoto causar un error en una unidad de CPU por medio de un paquete HTTP especialmente diseñado, lo que puede conllevar a una condición de denegación de servicio (DoS) en la ejecución del programa y su comunicación"}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"Mitsubishi Electric Corporation","product":"MELSEC iQ-R Series CPU Modules","versions":[{"version":"R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51'","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r00_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"05","versionEndIncluding":"19","matchCriteriaId":"BF204201-AB24-4566-93C1-8997D722541D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r00:-:*:*:*:*:*:*:*","matchCriteriaId":"E329BB01-55F3-4ACA-83B1-C0A37C3C40DF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r01_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"05","versionEndIncluding":"19","matchCriteriaId":"E095A274-0E64-404F-8336-B5E0317E71E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r01:-:*:*:*:*:*:*:*","matchCriteriaId":"3D2AB2EF-3607-4445-B144-1D2B8E84AFCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r02_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"05","versionEndIncluding":"19","matchCriteriaId":"C7FDCBD2-7935-45ED-BC4A-393CFCC5AD09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r02:-:*:*:*:*:*:*:*","matchCriteriaId":"9A6A0DF8-2920-440E-9077-A51D574EB506"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r04_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"35","versionEndIncluding":"51","matchCriteriaId":"FE4DAD06-541F-42B3-93A3-4F8F7D7E849D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r04:-:*:*:*:*:*:*:*","matchCriteriaId":"58BDB040-8491-4C58-AC89-8C4826CC43BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r16_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"35","versionEndIncluding":"51","matchCriteriaId":"72FA6BE6-0B85-4D48-A11B-A82C7427841A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r16:-:*:*:*:*:*:*:*","matchCriteriaId":"5B3970C4-CE18-458B-829B-B9672B14B136"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r08_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"35","versionEndIncluding":"51","matchCriteriaId":"9E4DB9F1-D664-4297-9F2D-6B433A9F214A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r08:-:*:*:*:*:*:*:*","matchCriteriaId":"61A9CB49-8C99-469B-A6BB-B11D91851274"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r32_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"35","versionEndIncluding":"51","matchCriteriaId":"AC59FDC8-F352-479E-8AA1-3A7CF6283629"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r32:-:*:*:*:*:*:*:*","matchCriteriaId":"B387F367-2655-4511-A157-FB9C12B58B76"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitsubishielectric:melsec_iq-r120_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"35","versionEndIncluding":"51","matchCriteriaId":"59E65F90-82FA-4DAA-9388-0BE5172FCAE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitsubishielectric:melsec_iq-r120:-:*:*:*:*:*:*:*","matchCriteriaId":"AA2F92FA-CD06-4D48-8412-A69FB76891EA"}]}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN44764844/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://jvn.jp/jp/JVN44764844/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-317-01","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-015_en.pdf","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN44764844/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://jvn.jp/jp/JVN44764844/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-317-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-015_en.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}