CVE-2020-5603

Q: What is the severity of CVE-2020-5603?

CVE-2020-5603 has a CVSS score of 7.5 (HIGH). This vulnerability allows an attacker to cause denial of service (DoS) conditions in multiple Mitsubishi Electric industrial control software products by exploiting uncontrolled resource consumption. Attackers can disrupt critical industrial operations by exhausting system resources through unspecified vectors. Organizations using affected Mitsubishi Electric FA engineering software are at risk.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows an attacker to cause denial of service (DoS) conditions in multiple Mitsubishi Electric industrial control software products by exploiting uncontrolled resource consumption. Attackers can disrupt critical industrial operations by exhausting system resources through unspecified vectors. Organizations using affected Mitsubishi Electric FA engineering software are at risk.

💻 Affected Systems

Products:

CPU Module Logging Configuration Tool
CW Configurator
EM Software Development Kit (EM Configurator)
GT Designer3 (GOT2000)
GX LogViewer
GX Works2
GX Works3
M_CommDTM-HART
M_CommDTM-IO-Link
MELFA-Works
MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool
MELSOFT FieldDeviceConfigurator
MELSOFT iQ AppPortal
MELSOFT Navigator
MI Configurator
Motion Control Setting
MR Configurator2
MT Works2
RT ToolBox2
RT ToolBox3

Versions: Various versions up to specified maximums (e.g., Ver. 1.94Y and earlier, Ver. 1.010L and earlier, etc.)

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Affects multiple industrial control software products from Mitsubishi Electric. The vulnerability exists in the base software functionality.

📦 What is this software?

Melsec L Flexible High Speed I\/o Control Module Configuration Tool by Mitsubishielectric

View all CVEs affecting Melsec L Flexible High Speed I\/o Control Module Configuration Tool →

Melsoft Fielddeviceconfigurator by Mitsubishielectric

View all CVEs affecting Melsoft Fielddeviceconfigurator →

Melsoft Iq Appportal by Mitsubishielectric

View all CVEs affecting Melsoft Iq Appportal →

Melsoft Navigator by Mitsubishielectric

View all CVEs affecting Melsoft Navigator →

Mi Configurator by Mitsubishielectric

View all CVEs affecting Mi Configurator →

Motion Control Setting by Mitsubishielectric

View all CVEs affecting Motion Control Setting →

Mr Configurator2 by Mitsubishielectric

View all CVEs affecting Mr Configurator2 →

Mt Works2 by Mitsubishielectric

View all CVEs affecting Mt Works2 →

Rt Toolbox2 by Mitsubishielectric

View all CVEs affecting Rt Toolbox2 →

Rt Toolbox3 by Mitsubishielectric

View all CVEs affecting Rt Toolbox3 →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability leading to production stoppage, safety system failures, and significant operational disruption in industrial environments.

🟠

Likely Case

Service degradation or temporary unavailability of engineering software, disrupting configuration, monitoring, and maintenance activities.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, potentially affecting only non-critical systems.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

The advisory mentions 'unspecified vectors' but indicates unauthenticated exploitation is possible. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions newer than those listed in the affected versions section

Vendor Advisory: https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-004_en.pdf

Restart Required: Yes

Instructions:

1. Download updated software versions from Mitsubishi Electric's official website. 2. Install updates following vendor instructions. 3. Restart affected systems. 4. Verify successful installation.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected systems from untrusted networks to prevent remote exploitation.

Access Control Restrictions

all

Implement strict access controls to limit who can interact with vulnerable software.

🧯 If You Can't Patch

Implement network segmentation to isolate vulnerable systems from potential attackers
Apply strict access controls and monitor for unusual resource consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check software version against affected versions list in vendor advisory. Use 'About' or version information in each application.

Check Version:

Check application 'About' dialog or use Windows 'Programs and Features' to view installed version

Verify Fix Applied:

Verify installed version is newer than affected versions listed in the advisory. Check vendor documentation for specific version numbers.

📡 Detection & Monitoring

Log Indicators:

Unusual resource consumption patterns
Application crashes or hangs
High CPU/memory usage in engineering software

Network Indicators:

Unexpected network connections to engineering software ports
Traffic patterns suggesting resource exhaustion attempts

SIEM Query:

Search for: (event_source contains 'Mitsubishi' OR process_name contains affected software names) AND (event_type contains 'crash' OR resource_usage > threshold)

📊 Metadata

CVE ID: CVE-2020-5603

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-400

Published: June 30, 2020

Last Updated: November 21, 2024

🔗 References

https://jvn.jp/en/vu/JVNVU90307594/index.html Third Party Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-004_en.pdf Mitigation,Vendor Advisory
https://jvn.jp/en/vu/JVNVU90307594/index.html Third Party Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-004_en.pdf Mitigation,Vendor Advisory