Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
December 1, 2021Rewterz Threat Advisory – ICS: Delta Electronics CNCSoft
December 1, 2021Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
December 1, 2021Rewterz Threat Advisory – ICS: Delta Electronics CNCSoft
December 1, 2021Severity
High
Analysis Summary
CVE-2021-20609
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2021-20610
The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
CVE-2021-20611
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.
Impact
- Denial of Service
Affected Vendors
- Mitsubishi Electric
Affected Products
- MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware: Versions 57 and prior
- MELSEC iQ-R Series R08/16/32/120SFCPU: All versions
- MELSEC iQ-R Series R08/16/32/120PCPU Firmware: Versions 29 and prior
- MELSEC iQ-R Series R08/16/32/120PSFCPU: All versions
- MELSEC iQ-R Series R16/32/64MTCPU: All versions
- MELSEC iQ-R Series R12CCPU-V: All versions
- MELSEC Q Series Q03UDECPU Q04/06/10/13/20/26/50/100UDEHCPU: All versions
- MELSEC Q Series Q03/04/06/13/26UDVCPU: The first 5 digits of serial No. 23071 and prior
- MELSEC Q Series Q04/06/13/26UDPVCPU: The first 5 digits of serial No. 23071 and prior
- MELSEC Q Series Q12DCCPU-V Q24DHCCPU-V(G) Q24/26DHCCPU-LS: All versions
- MELSEC Q Series MR-MQ100: All versions
- MELSEC Q Series Q172/173DCPU-S1 Q172/172DSCPU: All versions
- MELSEC L Series L02/06/26CPU(-P) L26CPU-(P)BT: All versions
- MELIPC Series MI5122-VW: All versions
- MELSEC iQ-R Series R00/01/02CPU Firmware: Versions 24 and prior
- MELSEC Q Series Q170MCPU Q170MSCPU(-S1): All versions
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.