6 matches found
Mitsubishi Electric MELSEC iQ-F Series (Update B)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01...
Mitsubishi Electric MELSEC iQ-F Series
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01...
PT-2021-09: Possibility of authorization in Remote Password mechanism using password hash
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of using a weak password hash. Exploiting the vulnerability may allow an attacker to use the resulting hash value to recover the password value. Advisory status 15.12.202...
PT-2021-12: Authentication pypass by capture-replay in FX5U(C) CPU and FX5UJ CPU modules
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of bypass authorization using capture-replay of intercepted parameters. Exploitation of the vulnerability may allow an attacker who has intercepted the parameters of the...
PT-2021-10: Possibility of authorization in the file password mechanism using the password hash value in the FX5U(C) CPU and FX5UJ CPU modules
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of using a password hash instead of a password for authentication. Exploiting the vulnerability may allow an attacker who knows the hash value of the password to perform...
PT-2021-08: Possibility of authorization in Remote Password mechanism using password hash in FX5U(C) CPU and FX5UJ CPU modules
Exploiting the vulnerability of the FX5UC CPU and FX5U CPU modules of Mitsubishi Electric FA products may allow an attacker to perform authorization in Remote Password mechanism using password hash Advisory status 15.12.2021 - Vendor gets vulnerability details 31.03.2022 - Security advisory...