EUVD-2020-26693

Malware in sbrugna...

EUVD-2024-32472

Malicious code in bioql PyPI...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tampe...

CVE-2024-3904

CVE-2024-3904 affects Mitsubishi Electric MELIPC Series MI5122-VW firmware versions 05–07. Root cause: Incorrect Default Permissions (CWE-276) enables a local attacker to execute arbitrary code by saving a malicious file to a specific folder. Impact per sources: disclosure/tampering/destruction o...

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 Vendor : Mitsubishi Electric Equipment : MELIPC , MELSEC iQ-R, and MELSEC Q Series Vulnerabilities : Processor Optimization Removal or Modification of Security-Critical Code, Observable Discrepancy 2. RISK EVALUATION Successful exploitation of these...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series Update F CISA...

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series Improper Resource Shutdown or Release (CVE-2022-33324)

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions 32 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 65 and prior, Mitsubishi Electric Corporation MELSEC iQ...

Mitsubishi Electric MELSEC and MELIPC Series Uncontrolled Resource Consumption (CVE-2021-20609)

Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware...

Mitsubishi Electric MELSEC and MELIPC Series Improper Input Validation (CVE-2021-20611)

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 2...

Mitsubishi Electric MELSEC and MELIPC Series Improper Handling of Length Parameter Inconsistency (CVE-2021-20610)

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series...

CVE-2022-33324

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSE...

CVE-2022-33324 Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSE...

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability : Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven 7 Industrial Control Systems ICS advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series Improper Resource Locking (CVE-2022-24946)

Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number 24051 and prior,...

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability : Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability...

Mitsubishi Electric MELSEC and MELIPC Denial Of Service (CVE-2020-5531)

Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller ModuleQ24DHCCPU-V, Q24DHCCPU-VG User Ethernet port CH1, CH2: First 5 digits of serial number 21121 or before, MELSEC iQ-R Series C Controller Module / C Intelligent Function ModuleR12CCPU-V Ethern...