259 matches found
Mitsubishi Electric MELSEC iQ-R Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : MELSEC iQ-R Series CPU Module Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
Mitsubishi Electric MELSEC iQ-R series 授权问题漏洞
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric, Japan. An authorization issue vulnerability exists in the Mitsubishi Electric MELSEC iQ-R series, which arises from a flaw in the logic of the product login module. An attacker could lock out a...
CVE-2021-20594
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11"...
CVE-2021-20597
Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a...
CVE-2021-20594
CVE-2021-20594 affects Mitsubishi Electric MELSEC iQ-R series: remote brute-force to obtain legitimate usernames. Affected: Safety CPU R08/16/32/120SFCPU firmware v26 and earlier; SIL2 Process CPU R08/16/32/120PSFCPU firmware v11 and earlier. Mitigations/fixed versions: Safety CPU firmware 27+; S...
CVE-2021-20597
CVE-2021-20597 concerns Mitsubishi Electric MELSEC iQ-R series CPU modules where firmware versions before the fixed releases allow a remote, unauthenticated attacker to login by sniffing network traffic and capturing credentials during user registration or password changes. The issue affects mult...
PT-2021-8027 · Mitsubishi · Melsec Iq-R Series Sil2 Process Cpu Modules R08/16/32/120Psfcpu +1
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions prior to 26 Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions prior to 11 Description: The issu...
PT-2021-8030 · Mitsubishi · Melsec Iq-R Series Safety Cpu Modules R08/16/32/120Sfcpu +1
Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series Safety CPU modules R08/16/32/120SFCPU firmware versions prior to 26 MELSEC iQ-R Series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions prior to 11 Description: The issue is related to the exposure of sensitiv...
CVE-2021-20591
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R00/01/02CPU all versions, R04/08/16/32/120ENCPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated...
Race condition
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R00/01/02CPU all versions, R04/08/16/32/120ENCPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated...
CVE-2021-20591
CVE-2021-20591 affects Mitsubishi Electric MELSEC iQ-R Series CPU modules (R00/01/02CPU all versions; R04/08/16/32/120(EN)CPU all versions; R08/16/32/120SFCPU all versions; R08/16/32/120PCPU all versions; R08/16/32/120PSFCPU all versions). The vulnerability is an Uncontrolled Resource Consumption...
CVE-2021-20591
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R00/01/02CPU all versions, R04/08/16/32/120ENCPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated...
Mitsubishi Electric MELSEC iQ-R series 资源管理错误漏洞
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Japan. A resource management error vulnerability exists in the MELSOFT communication port TCP/IP of the CPU unit of the Mitsubishi Electric MELSEC iQ-R Series, where a remote third party maintai...
Mitsubishi Electric MELSEC iQ-R Series
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may prevent legitimate clients from...
The vulnerability of the programmable logic controller MELSEC iQ-R, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the programmable logic controller MELSEC iQ-R is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause malfunctions in the service process using a specially crafted package...
CVE-2020-16850
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...
Input validation
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...
CVE-2020-16850
CVE-2020-16850 affects Mitsubishi Electric MELSEC iQ-R Series PLCs (firmware 49) and is caused by improper input validation. A crafted network packet can cause an unauthenticated remote DoS, halting the industrial process and requiring physical access to recover the device state. Documented affec...
CVE-2020-16850
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...
CVE-2020-5668
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 EN CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier,...