Mitsubishi Electric MELSEC and MELIPC Series Improper Handling of Length Parameter Inconsistency (CVE-2021-20610)

2023-02-1300:00:00

www.tenable.com

mitsubishi electric

melsec

melipc

length parameter inconsistency

cve-2021-20610

denial-of-service

remote attacker

system reset

tenable.ot

0.002 Low

EPSS

Percentile

61.3%

JSON

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 28 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions 29 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions 08 and prior, Mitsubishi Electric MELSEC iQ-R Series R16/32/64MTCPU Operating system software version 23 and prior, Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V Firmware versions 16 and prior, Mitsubishi Electric MELSEC Q Series Q03UDECPU The first 5 digits of serial No. 23121 and prior, Mitsubishi Electric MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No.
23121 and prior, Mitsubishi Electric MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 23071 and prior, Mitsubishi Electric MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. 23071 and prior, Mitsubishi Electric MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. 24031 and prior, Mitsubishi Electric MELSEC Q Series Q24DHCCPU-V(G) The first 5 digits of serial No. 24031 and prior, Mitsubishi Electric MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No.
24031 and prior, Mitsubishi Electric MELSEC Q Series MR-MQ100 Operating system software version F and prior, Mitsubishi Electric MELSEC Q Series Q172/173DCPU-S1 Operating system software version W and prior, Mitsubishi Electric MELSEC Q Series Q172/173DSCPU All versions, Mitsubishi Electric MELSEC Q Series Q170MCPU Operating system software version W and prior, Mitsubishi Electric MELSEC Q Series Q170MSCPU(-S1) All versions, Mitsubishi Electric MELSEC L Series L02/06/26CPU(-P) The first 5 digits of serial No. 23121 and prior, Mitsubishi Electric MELSEC L Series L26CPU-(P)BT The first 5 digits of serial No. 23121 and prior and Mitsubishi Electric MELIPC Series MI5122-VW Firmware versions 05 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(500796);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2021-20610");

  script_name(english:"Mitsubishi Electric MELSEC and MELIPC Series Improper Handling of Length Parameter Inconsistency (CVE-2021-20610)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Improper Handling of Length Parameter Inconsistency vulnerability in
Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions
24 and prior, Mitsubishi Electric MELSEC iQ-R Series
R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, Mitsubishi
Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 28
and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PCPU
Firmware versions 29 and prior, Mitsubishi Electric MELSEC iQ-R
Series R08/16/32/120PSFCPU Firmware versions 08 and prior,
Mitsubishi Electric MELSEC iQ-R Series R16/32/64MTCPU Operating system
software version 23 and prior, Mitsubishi Electric MELSEC iQ-R
Series R12CCPU-V Firmware versions 16 and prior, Mitsubishi Electric
MELSEC Q Series Q03UDECPU The first 5 digits of serial No. 23121 and
prior, Mitsubishi Electric MELSEC Q Series
Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No.
23121 and prior, Mitsubishi Electric MELSEC Q Series
Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 23071 and
prior, Mitsubishi Electric MELSEC Q Series Q04/06/13/26UDPVCPU The
first 5 digits of serial No. 23071 and prior, Mitsubishi Electric
MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. 24031
and prior, Mitsubishi Electric MELSEC Q Series Q24DHCCPU-V(G) The
first 5 digits of serial No. 24031 and prior, Mitsubishi Electric
MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No.
24031 and prior, Mitsubishi Electric MELSEC Q Series MR-MQ100
Operating system software version F and prior, Mitsubishi Electric
MELSEC Q Series Q172/173DCPU-S1 Operating system software version W
and prior, Mitsubishi Electric MELSEC Q Series Q172/173DSCPU All
versions, Mitsubishi Electric MELSEC Q Series Q170MCPU Operating
system software version W and prior, Mitsubishi Electric MELSEC Q
Series Q170MSCPU(-S1) All versions, Mitsubishi Electric MELSEC L
Series L02/06/26CPU(-P) The first 5 digits of serial No. 23121 and
prior, Mitsubishi Electric MELSEC L Series L26CPU-(P)BT The first 5
digits of serial No. 23121 and prior and Mitsubishi Electric MELIPC
Series MI5122-VW Firmware versions 05 and prior allows a remote
unauthenticated attacker to cause a denial-of-service (DoS) condition
by sending specially crafted packets. System reset is required for
recovery.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-019_en.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?05616bce");
  script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU94434051/index.html");
  script_set_attribute(attribute:"see_also", value:"https://us-cert.cisa.gov/ics/advisories/icsa-21-334-02");
  script_set_attribute(attribute:"solution", value:
'The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Mitsubishi Electric has corrected the vulnerabilities in the following products and intends to do the same with other
products.

MELSEC iQ-R Series

- R00/01/02CPU: Firmware Versions 25 or later
- R04/08/16/32/120(EN)CPU: Firmware Versions 58 or later

- R08/16/32/120SFCPU: Firmware Versions 27 or later

- R08/16/32/120PCPU: Firmware Versions 30 or later
- R08/16/32/120PSFCPU: Firmware Versions 09 or later
- R16/32/64MTCPU: Operating system software Version 24 or later
- R12CCPU-V: Firmware Versions 17 or later

MELSEC Q Series

- Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: The first 5 digits of serial No. 23122 or later
- Q03/04/06/13/26UDVCPU: The first 5 digits of serial No. 23072 or later
- Q04/06/13/26UDPVCPU: The first 5 digits of serial No. 23072 or later
- Q12DCCPU-V, Q24DHCCPU-V(G), Q24/26DHCCPU-LS: The first 5 digits of serial No. 24032 or later
- MR-MQ100: Operating system software version G or later
- Q172/173DCPU-S1: Operating system software version X or later
- Q170MCPU: Operating system software version X or later

MELSEC L Series

- L02/06/26CPU(-P), L26CPU-(P)BT: The first 5 digits of serial No. 23122 or later

MELIPC Series

- MI5122-VW: Firmware Versions 06 or later

Mitsubishi Electric also recommends users take the following mitigation measures to minimize the risk of exploiting
these vulnerabilities:

- Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
- Use a LAN and block access from untrusted networks and hosts through firewalls.
- Use the remote password function or IP filter function to block access from untrusted hosts. For details on the remote
password function and IP filter function, please refer to the following manual for each product.
- MELSEC iQ-R Ethernet Userâs Manual (Application) 1.13 Security "Remote password" "IP filter"
- MELSEC iQ-R Motion Controller Programming Manual (Common) 6.2 Security Function "IP filter"
- MELSEC iQ-R C Controller Module User\'s Manual (Application) 6.6 Security Function "IP filter"
- QnUCPU Userâs Manual (Communication via Built-in Ethernet Port) CHAPTER 10 REMOTE PASSWORD
- MELSEC-L CPU Module User\'s Manual (Built-In Ethernet Function) CHAPTER 11 REMOTE PASSWORD
- MELIPC MI5000 Series User\'s Manual (Application) 11.3 IP Filter Function

For specific update instructions and additional details see the Mitsubishi Electric advisory.');
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-20610");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/12/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r00_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r01_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r02_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r04_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r04_pcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware:57");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r08_pcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware:57");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r120_pcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r16_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r16_cpu_firmware:57");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r16_mtcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r16_pcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r32_cpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r32_cpu_firmware:57");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r32_mtcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r32_pcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_iq-r_r64_mtcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_l02cpu%28-p%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_l06cpu%28-p%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_l26cpu%28-p%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_l26cpu-%28p%29bt_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q03udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q03udvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q04udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q04udpvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q04udvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q06udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q06udpvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q06udvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q100udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q10udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q12dccpu-v_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q13udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q13udpvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q13udvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q170mcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q170mscpu%28-s1%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q172dcpu-s1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q172dscpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q173dcpu-s1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q173dscpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q20udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q24dhccpu-ls_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q24dhccpu-v%28g%29_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q26dhccpu-ls_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q26udecpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q26udpvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q26udvcpu_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishi:melsec_q50udecpu_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Mitsubishi");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Mitsubishi');

var asset = tenable_ot::assets::get(vendor:'Mitsubishi');

var vuln_cpes = {
    "cpe:/o:mitsubishi:melsec_iq-r_r00_cpu_firmware" :
        {"versionEndIncluding" : "24", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r01_cpu_firmware" :
        {"versionEndIncluding" : "24", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r02_cpu_firmware" :
        {"versionEndIncluding" : "24", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r04_cpu_firmware" :
        {"versionEndIncluding" : "57", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware:57" :
        {"versionEndIncluding" : "57", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware:57" :
        {"versionEndIncluding" : "57", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r16_cpu_firmware:57" :
        {"versionEndIncluding" : "57", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r32_cpu_firmware:57" :
        {"versionEndIncluding" : "57", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r04_pcpu_firmware" :
        {"versionEndIncluding" : "29", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r08_pcpu_firmware" :
        {"versionEndIncluding" : "29", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r16_pcpu_firmware" :
        {"versionEndIncluding" : "29", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r32_pcpu_firmware" :
        {"versionEndIncluding" : "29", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r120_pcpu_firmware" :
        {"versionEndIncluding" : "29", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware" :
        {"versionEndIncluding" : "28", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware" :
        {"versionEndIncluding" : "28", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware" :
        {"versionEndIncluding" : "28", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware" :
        {"versionEndIncluding" : "28", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r16_mtcpu_firmware" :
        {"versionEndIncluding" : "23", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r32_mtcpu_firmware" :
        {"versionEndIncluding" : "23", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r64_mtcpu_firmware" :
        {"versionEndIncluding" : "23", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware" :
        {"versionEndIncluding" : "16", "family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_q03udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q04udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q06udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q10udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q13udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q20udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q26udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q50udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q100udecpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q03udvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q04udvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q06udvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q13udvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q26udvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q04udpvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q06udpvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q13udpvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q26udpvcpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q12dccpu-v_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q24dhccpu-v%28g%29_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q24dhccpu-ls_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q26dhccpu-ls_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_mr-mq100_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q172dcpu-s1_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q173dcpu-s1_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q172dscpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q173dscpu_firmware:-" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q170mscpu%28-s1%29_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_q170mcpu_firmware" :
        {"family" : "MELSECQ"},
    "cpe:/o:mitsubishi:melsec_l26cpu-%28p%29bt_firmware" :
        {"family" : "MELSECL"},
    "cpe:/o:mitsubishi:melsec_l26cpu%28-p%29_firmware" :
        {"family" : "MELSECL"},
    "cpe:/o:mitsubishi:melsec_l06cpu%28-p%29_firmware" :
        {"family" : "MELSECL"},
    "cpe:/o:mitsubishi:melsec_l02cpu%28-p%29_firmware" :
        {"family" : "MELSECL"},
    "cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r16_cpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r32_cpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware" :
        {"family" : "MELSECiQR"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

VendorProductVersionCPE
mitsubishimelsec_iq-r_r00_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r00_cpu_firmware
mitsubishimelsec_iq-r_r01_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r01_cpu_firmware
mitsubishimelsec_iq-r_r02_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r02_cpu_firmware
mitsubishimelsec_iq-r_r04_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r04_cpu_firmware
mitsubishimelsec_iq-r_r04_pcpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r04_pcpu_firmware
mitsubishimelsec_iq-r_r08_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware
mitsubishimelsec_iq-r_r08_cpu_firmware57cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware:57
mitsubishimelsec_iq-r_r08_pcpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r08_pcpu_firmware
mitsubishimelsec_iq-r_r08_sfcpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware
mitsubishimelsec_iq-r_r120_cpu_firmwarecpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware

Vendor	Product	Version	CPE
mitsubishi	melsec_iq-r_r00_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r00_cpu_firmware
mitsubishi	melsec_iq-r_r01_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r01_cpu_firmware
mitsubishi	melsec_iq-r_r02_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r02_cpu_firmware
mitsubishi	melsec_iq-r_r04_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r04_cpu_firmware
mitsubishi	melsec_iq-r_r04_pcpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r04_pcpu_firmware
mitsubishi	melsec_iq-r_r08_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware
mitsubishi	melsec_iq-r_r08_cpu_firmware	57	cpe:/o:mitsubishi:melsec_iq-r_r08_cpu_firmware:57
mitsubishi	melsec_iq-r_r08_pcpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r08_pcpu_firmware
mitsubishi	melsec_iq-r_r08_sfcpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware
mitsubishi	melsec_iq-r_r120_cpu_firmware		cpe:/o:mitsubishi:melsec_iq-r_r120_cpu_firmware