259 matches found
CVE-2020-5666
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120ENCPU Firmware versions from '35' to '51' allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may...
CVE-2020-5656
Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before,...
CVE-2022-40265
Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker...
Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Incorrect Privilege Assignment (CVE-2023-6815)
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
The vulnerability of the microprogrammed software of the MELSEC iQ-R Series Safety CPU and Series SIL2 Process CPU lies in the transmission of account data in an unencrypted form, allowing unauthorized access by intruders to the protected information.
The vulnerability of the microprogramming software for MELSEC iQ-R Series Safety CPUs and Series SIL2 Process CPUs is related to the transmission of account data in an unencrypted form. Exploiting this vulnerability can allow an unauthorized person to gain unauthorized access to protected...
Mitsubishi Electric MELSEC iQ-R series Information Disclosure Vulnerability
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Japan. The Mitsubishi Electric MELSEC iQ-R series suffers from an information disclosure vulnerability that can be exploited by an authenticated, remote attacker to log in to the product and...
The vulnerability of the microprogrammed software of the MELSEC iQ-R Series Safety CPU and Series SIL2 Process CPU modules, related to incorrect privilege assignment, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the microprogramming software for MELSEC iQ-R Series Safety CPUs and Series SIL2 Process CPUs is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information usi...
PT-2024-2052 · Mitsubishi · Melsec Iq-R Series Cpu Modules +23
Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R series CPU module affected versions not specified MELSEC iQ-L series CPU module affected versions not specified MELSEC iQ-R Ethernet Interface Module affected versions not specified MELSEC iQ-R CC-Link IE TSN Master/Local Module...
CVE-2023-6815
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
Privilege escalation
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Vulnerability : Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this...
CVE-2023-6815
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
CVE-2023-6815
CVE-2023-6815 affects Mitsubishi Electric MELSEC iQ-R Series Safety CPU (R08SFCPU, R16SFCPU, R32SFCPU, R120SFCPU) and SIL2 Process CPU (R08PSFCPU, R16PSFCPU, R32PSFCPU, R120PSFCPU) across all versions. The vulnerability is an Incorrect Privilege Assignment that lets a remote, authenticated non-ad...
CVE-2023-6815
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
Mitsubishi Electric MELSEC iQ-R series 安全漏洞
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Japan. The Mitsubishi Electric MELSEC iQ-R series suffers from an information disclosure vulnerability that can be exploited by an authenticated, remote attacker to log in to the product and...
PT-2024-2826 · Mitsubishi · Melsec Iq-R Series Safety Cpu +1
Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions Description: The issue is related to an Incorrect Privilege Assignment vulnerability that allows a remote...
Mitsubishi Electric FA Engineering Software Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 Vendor : Mitsubishi Electric Equipment : MELIPC , MELSEC iQ-R, and MELSEC Q Series Vulnerabilities : Processor Optimization Removal or Modification of Security-Critical Code, Observable Discrepancy 2. RISK EVALUATION Successful exploitation of these...
Mitsubishi Electric MELSEC iQ-F/iQ-R Series CPU Module (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Equipment : MELSEC iQ-F/iQ-R Series Vulnerability : Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...
PT-2023-6891
Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC-F Series CPU modules affected versions not specified Mitsubishi Electric Corporation MELSEC iQ-F Series affected versions not specified Mitsubishi Electric Corporation MELSEC iQ-R series CPU modules...
Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Weak Password Requirements (CVE-2023-2060)
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or passwo...