CVE-2019-6535
HIGHMitsubishielectric Q03udvcpu Firmware < 20081 - Denial of Service
Title source: ruleDescription
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106771
Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/news-events/ics-advisories/icsa-19-029-02
Third Party Advisory, US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-19-029-02
Scores
CVSS v3
7.5
EPSS
0.0149
EPSS Percentile
81.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (18)
mitsubishielectric/q03udecpu_firmware
< 20101
mitsubishielectric/q03udvcpu_firmware
< 20081
mitsubishielectric/q04udehcpu_firmware
< 20101
mitsubishielectric/q04udpvcpu_firmware
< 20081
mitsubishielectric/q04udvcpu_firmware
< 20081
mitsubishielectric/q06udehcpu_firmware
< 20101
mitsubishielectric/q06udpvcpu_firmware
< 20081
mitsubishielectric/q06udvcpu_firmware
< 20081
mitsubishielectric/q100udehcpu_firmware
< 20101
mitsubishielectric/q10udehcpu_firmware
< 20101
... and 8 more
Published
Feb 05, 2019
Tracked Since
Feb 18, 2026