CVE-2019-6535
Severity CVSS v4.0:
Pending analysis
Type:
CWE-400
Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
05/02/2019
Last modified:
26/06/2025
Description
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash and disruption to USB communication.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:mitsubishielectric:q03udvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q03udvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q04udvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q04udvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q06udvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q06udvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q13udvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q13udvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q26udvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q26udvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q04udpvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q04udpvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q06udpvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) | |
| cpe:2.3:h:mitsubishielectric:q06udpvcpu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mitsubishielectric:q13udpvcpu_firmware:*:*:*:*:*:*:*:* | 20081 (including) |
To consult the complete list of CPE names with products and versions, see this page