EUVD-2020-26693

Malware in sbrugna...

EUVD-2024-32472

Malicious code in bioql PyPI...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

CVE-2024-3904 affects Mitsubishi Electric MELIPC Series MI5122-VW firmware versions 05–07. Root cause: Incorrect Default Permissions (CWE-276) enables a local attacker to execute arbitrary code by saving a malicious file to a specific folder. Impact per sources: disclosure/tampering/destruction o...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series Update F CISA...

Mitsubishi Electric MELSEC and MELIPC Series Improper Input Validation (CVE-2021-20611)

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 2...

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability : Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven 7 Industrial Control Systems ICS advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability : Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVE-2021-20609

CVE-2021-20609 affects Mitsubishi Electric MELSEC MELSEC iQ-R/Q/L series and MELIPC devices. It is an Uncontrolled Resource Consumption (DoS) vulnerability exploitable remotely over network with no authentication; recovery requires a system reset. Connected sources (NVD/NIST, Red Hat, ICSA, Tenab...

Mitsubishi Electric MELSEC Q series 资源管理错误漏洞

The Mitsubishi Electric MELSEC Q series is a programmable logic controller from Mitsubishi Electric Japan. A resource management error vulnerability exists in the Mitsubishi Electric MELSEC Q series, which can be exploited by attackers to perform denial of service attacks. The following products...

多款Mitsubishi Electric产品安全漏洞

Mitsubishi Electric MELSEC-Q Series and others are products of Mitsubishi Electric, Japan.Mitsubishi Electric MELSEC-Q Series is a programmable logic controller of MELSEC-Q series.Mitsubishi Electric MELSEC-L Series is a programmable logic controller of MELSEC-L series. Mitsubishi Electric MELSEC...

PT-2021-5339 · Mitsubishi · Melipc Series +3

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series R00/01/02CPU versions 24 and prior MELSEC iQ-R Series R04/08/16/32/120ENCPU versions 57 and prior MELSEC iQ-R Series R08/16/32/120SFCPU versions 28 and prior MELSEC iQ-R Series R08/16/32/120PCPU versions 29 and prior MELSEC...

PT-2021-5309 · Mitsubishi · Melipc Series +3

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series R00/01/02CPU versions 24 and prior MELSEC iQ-R Series R04/08/16/32/120ENCPU versions 57 and prior MELSEC iQ-R Series R08/16/32/120SFCPU versions 28 and prior MELSEC iQ-R Series R08/16/32/120PCPU versions 29 and prior MELSEC...

CVE-2020-5531

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller ModuleQ24DHCCPU-V, Q24DHCCPU-VG User Ethernet port CH1, CH2: First 5 digits of serial number 21121 or before, MELSEC iQ-R Series C Controller Module / C Intelligent Function ModuleR12CCPU-V Ethern...

Design/Logic Flaw

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller ModuleQ24DHCCPU-V, Q24DHCCPU-VG User Ethernet port CH1, CH2: First 5 digits of serial number 21121 or before, MELSEC iQ-R Series C Controller Module / C Intelligent Function ModuleR12CCPU-V Ethern...

CVE-2020-5531

CVE-2020-5531 affects Mitsubishi Electric MELSEC C Controller Module, MELIPC MI5000, MELSEC-Q C Controller Module (Q24DHCCPU-V/VG), MELSEC iQ-R C Controller Module/C Intelligent Function Module (R12CCPU-V, RD55UP06-V) and MELIPC MI5000 (MI5122-VW). The vulnerability enables remote DoS and malware...