Lucene search
K

207 matches found

CVE
CVE
added 2023/06/02 4:3 a.m.66 views

CVE-2023-2061

CVE-2023-2061 describes an authentication bypass in Mitsubishi Electric MELSEC iQ-R Series RJ71EIP91 and iQ-F Series FX5-ENET/IP EtherNet/IP modules due to use of hard-coded credentials in the FTP function. The underlying cause is a hard-coded password that permits remote unauthenticated FTP acce...

7.5CVSS6.9AI score0.00549EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.5 views

Mitsubishi Electric MELSEC 信任管理问题漏洞

The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC that stems from the use of hard-coded passwords. An attacker could...

7.5CVSS7.3AI score0.00549EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/02 12:0 a.m.9 views

PT-2023-2998 · Mitsubishi · Melsec Iq-R Series Ethernet/Ip Module Rj71Eip91 +1

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified Mitsubishi Electric Corporation MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The...

7.8CVSS7.2AI score0.0084EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.6 views

Mitsubishi Electric 多款产品安全漏洞

The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in several Mitsubishi Electric products, which is caused by a missing mask when entering a password fie...

6.2CVSS6.4AI score0.00331EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-3766 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The issue is related to an unrestricted upload of files with...

7.5CVSS7AI score0.00607EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-3007 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The issue is related to the use of hard-coded passwords in the FTP...

7.5CVSS7.4AI score0.00549EPSS
Exploits0References6
Prion
Prion
added 2023/05/24 5:15 a.m.14 views

Buffer overflow

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service DoS condition or execute malicious code on ...

5.1CVSS8.2AI score0.0344EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.25 views

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series Improper Resource Shutdown or Release (CVE-2022-33324)

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions 32 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 65 and prior, Mitsubishi Electric Corporation MELSEC iQ...

7.5CVSS7.4AI score0.0167EPSS
Exploits0References4
CVE
CVE
added 2023/03/03 4:18 a.m.72 views

CVE-2023-0457

CVE-2023-0457 affects Mitsubishi Electric MELSEC iQ-F/R/Q/L series (including FX5U, FX5UJ, FX5S, FX5-ENET, FX5-ENET/IP and related iQ-R/Q/L variants). The vulnerability is a plaintext storage of a password in project files, enabling a remote, unauthenticated attacker to disclose plaintext credent...

7.5CVSS7.5AI score0.01174EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/13 12:0 a.m.29 views

Mitsubishi Electric MELSEC-Q/L and MELSEC iQ-R Improper Input Validation (CVE-2022-25163)

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first 5 digits of serial number 24061 or prior, Mitsubishi Electric MELSEC-L series LJ71E71-100 first 5 digits of serial number 24061 or prior and Mitsubishi Electric MELSEC iQ-R Series RD81MES96N firmware...

10CVSS8.5AI score0.02059EPSS
Exploits0References4
ICS
ICS
added 2023/02/02 12:0 p.m.49 views

Mitsubishi Electric Multiple Factory Automation Products (Update D)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2...

10CVSS10AI score0.83223EPSS
Exploits7References29
Vulnrichment
Vulnrichment
added 2023/01/20 7:52 a.m.14 views

CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

5.9CVSS7.2AI score0.01182EPSS
Exploits0References3
ICS
ICS
added 2023/01/17 12:0 a.m.31 views

Mitsubishi Electric MELSEC iQ-F, iQ-R Series

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F and iQ-R Series products Vulnerability: Predictable Seed in Pseudo-Random Number Generator PRNG 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...

9.1CVSS7.7AI score0.01182EPSS
Exploits0References6
CVE
CVE
added 2022/12/23 2:24 a.m.70 views

CVE-2022-33324

CVE-2022-33324 affects Mitsubishi Electric MELSEC iQ-R series (R00/01/02 CPU up to 32), R04/R08/R16/R32 CPUs up to 65, R120 EN, R12CCPU-V up to 17, MELSEC iQ-L series (L04/L08/L16/L32H) up to 05, and MELIPC MI5122-VW up to 07. Verizon: remote unauthenticated attacker can cause a Denial of Service...

7.5CVSS7.5AI score0.0167EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/23 2:24 a.m.51 views

CVE-2022-33324 Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSE...

7.5CVSS7.7AI score0.0167EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/23 12:0 a.m.5 views

PT-2022-21771 · Mitsubishi · Melsec Iq-R Series R12Ccpu-V +5

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions 32 and prior Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 65 and prior Mitsubishi Electric Corporation MELSEC iQ-R...

7.5CVSS7.3AI score0.0167EPSS
Exploits0References10
ICS
ICS
added 2022/12/22 7:0 a.m.55 views

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability : Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.5CVSS7.7AI score0.0167EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2022/12/06 12:0 a.m.25 views

Mitsubishi Electric MELSEC iQ-R Series Improper Input Validation (CVE-2022-40265)

Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version 65 and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version 65 and prior allows a remote unauthenticated attacker to...

8.6CVSS7.7AI score0.00935EPSS
Exploits0References4
ICS
ICS
added 2022/12/05 7:0 a.m.262 views

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

9.1CVSS8.7AI score0.0129EPSS
Exploits0References11
CNVD
CNVD
added 2022/12/04 12:0 a.m.30 views

Mitsubishi Electric Corporation MELSEC iQ-R Series Input Validation Error Vulnerability

The MELSEC iQ-R series is a programmable logic controller developed by Mitsubishi Electric Corporation. An input validation error vulnerability exists in the MELSEC iQ-R Series network component firmware version 65 and earlier versions, which can be exploited by an unauthenticated, remote attacke...

8.6CVSS7.6AI score0.00935EPSS
Exploits0References1
Rows per page
Query Builder