CVE-2020-5665

Name: CVE-2020-5665
Creator: NVD / NIST
Published: 2020-12-14T03:15:13.653+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.4/10EPSS 0.98%

Last modified Jun 17, 2026

CVE-2020-5665 is a high-severity vulnerability rated 7.4/10 on the CVSS scale. Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.. EPSS estimates a 0.98% chance of exploitation in the next 30 days.

Description

Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program execution and communication by sending a specially crafted ARP packet.

Metrics

CVSS 3.1

7.4/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Probability

0.98%

57.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Mitsubishielectric	Melsec Iq-F Fx5u Cpu Firmware	<= 1.060

References

https://jvn.jp/vu/JVNVU95638588/index.htmlThird Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01Third Party Advisory, US Government Resource
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdfVendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdfVendor Advisory
https://jvn.jp/vu/JVNVU95638588/index.htmlThird Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-345-01Third Party Advisory, US Government Resource
https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-018.pdfVendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-018_en.pdfVendor Advisory

Timeline

Published: Dec 14, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-5665?

How severe is CVE-2020-5665?

CVE-2020-5665 has a CVSS score of 7.4/10 (HIGH severity). The EPSS model estimates a 0.98% probability of exploitation in the next 30 days.

How do I fix CVE-2020-5665?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-5665?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST