CVE-2020-14521

CVE-2020-14521 affects Mitsubishi Electric Factory Automation engineering software and is a vulnerability in unquoted search path or element (CWE-428) that can lead to remote code execution with high impact. Public sources indicate affected Mitsubishi products span a wide range of engineering uti...

PT-2022-8573 · Mitsubishi · Mitsubishi Electric Factory Automation Engineering

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Factory Automation engineering software products affected versions not specified Description: The issue allows a malicious attacker to execute malicious code, potentially obtaining information, modifying information, and...

Schneider Electric Modicon Controllers and Software Authentication Bypass By Spoofing (CVE-2021-22779)

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, SCADAPack...

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in the following products: Solaris Operating System Sun ZFS Storage Appliance Kit AK Software Sun ZFS Storage Application Integration Engineering Software Fujitsu SPARC Servers Firmware The vulnerability with CVE attribute CVE-2021-2351 allows for an unauthorized...

Mitsubishi Electric FA Engineering Software 数字错误漏洞

Mitsubishi Electric FA engineering software is an engineering software from Mitsubishi Electric Japan. It provides improved efficiency in design and debugging, reduced downtime, and data protection. The Mitsubishi Electric FA engineering software suffers from a numeric error vulnerability that...

Mitsubishi Electric FA Engineering Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-350-05...

CVE-2021-22779

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, SCADAPack...

CVE-2021-20588

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR...

CVE-2021-20588

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR...

Heap overflow

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...

Input validation

Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering SoftwareCPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR...

CVE-2021-20588

CVE-2021-20588 concerns an improper handling of length parameter inconsistency in Mitsubishi Electric FA Engineering Software. A remote, unauthenticated attacker can cause a DoS on affected software by spoofing MELSEC, GOT or FREQROL and returning crafted replies; exploitation may potentially lea...

CVE-2021-20588

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR...

CVE-2021-20587

CVE-2021-20587 is a heap-based buffer overflow in Mitsubishi Electric FA Engineering Software products (numerous tools such as CPU Module Logging Configuration Tool, CW Configurator, Data Transfer, EZSocket, FR Configurator family, GT Designer3/GOT variants, GX/GX Works, MELSOFT EM/Navigator, etc...

CVE-2021-20587

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...

PT-2021-14060 · Mitsubishi · Mitsubishi Electric Fa Engineering

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric FA Engineering Software versions prior to the fixed version Description: A heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software allows a remote unauthenticated attacker to cause a DoS...

Mitsubishi Electric FA Engineering Software Products (Update H)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerabilities: Heap-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency 2. UPDATE INFORMATION This updated...

Mitsubishi Electric FA Engineering Software Buffer Error Vulnerability

Mitsubishi Electric FA Engineering Software is a series of engineering software from Mitsubishi Electric Japan. A buffer error vulnerability exists in Mitsubishi Electric FA Engineering Software. The vulnerability stems from the software's mishandling of parameter lengths, and could allow an...

Mitsubishi Electric FA Engineering Software Buffer Error Vulnerability

Mitsubishi Electric FA Engineering Software is a line of engineering software from Mitsubishi Electric Japan. An input validation error vulnerability exists in Mitsubishi Electric FA Engineering Software. An attacker could cause a denial of service by spoofing MELSEC, GOT, or FREQROL and returnin...

Allen-Bradley CompactLogix L16ER Has Industrial Control Device Vulnerability

Allen-Bradley Automation provides customers with a full suite of components, products, control and information platforms, as well as support services and manufacturing solutions. An industrial control device vulnerability exists in Allen-Bradley CompactLogix L16ER. An attacker could exploit the...