Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Vulnerability : Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this...

CVE-2021-20599

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a...

CVE-2021-20599

CVE-2021-20599 affects Mitsubishi Electric MELSEC iQ-R Series: vulnerable components are Safety CPU R08/16/32/120SFCPU with firmware versions prior to 27 and SIL2 Process CPU R08/16/32/120PSFCPU prior to 11. The issue is cleartext transmission of credentials, allowing a remote unauthenticated att...

CVE-2021-20597

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a...

CVE-2021-20597

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions "11" and prior allows a...

CVE-2021-20594

CVE-2021-20594 affects Mitsubishi Electric MELSEC iQ-R series: remote brute-force to obtain legitimate usernames. Affected: Safety CPU R08/16/32/120SFCPU firmware v26 and earlier; SIL2 Process CPU R08/16/32/120PSFCPU firmware v11 and earlier. Mitigations/fixed versions: Safety CPU firmware 27+; S...

CVE-2021-20597

CVE-2021-20597 concerns Mitsubishi Electric MELSEC iQ-R series CPU modules where firmware versions before the fixed releases allow a remote, unauthenticated attacker to login by sniffing network traffic and capturing credentials during user registration or password changes. The issue affects mult...

PT-2021-8030 · Mitsubishi · Melsec Iq-R Series Safety Cpu Modules R08/16/32/120Sfcpu +1

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series Safety CPU modules R08/16/32/120SFCPU firmware versions prior to 26 MELSEC iQ-R Series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions prior to 11 Description: The issue is related to the exposure of sensitiv...