Rewterz Threat Alert – Latest AZORult IOCs
November 16, 2020Rewterz Threat Advisory – CVE-2020-8277 – Node.js Denial of Service Vulnerability
November 17, 2020Rewterz Threat Alert – Latest AZORult IOCs
November 16, 2020Rewterz Threat Advisory – CVE-2020-8277 – Node.js Denial of Service Vulnerability
November 17, 2020Severity
Medium
Analysis Summary
A denial-of-service vulnerability due to uncontrolled resource consumption exists in MELSEC iQ-R series CPU modules. This vulnerability does not affect products when the “To Use or Not to Use Web Server” parameter of CPU modules is set to “Not Use.” The default setting is “Not Use.”
Impact
Denial of service
Affected Vendors
Mitsubishi Electric
Affected Products
- R00/01/02 CPU Firmware versions from 05 to 19
- R04/08/16/32/120(EN) CPU Firmware versions from 35 to 51
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches.