2020-10-05
|
CVE-2020-16226
|
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
|
Conveyor_tracking_application_apr\-Ntr12fh, Conveyor_tracking_application_apr\-Ntr20fh\(N\=1\,2\), Conveyor_tracking_application_apr\-Ntr3fh, Conveyor_tracking_application_apr\-Ntr6fh, Fr\-A820\-E_firmware, Fr\-A840\-E_firmware, Fr\-A842\-E_firmware, Fr\-A860\-E_firmware, Fr\-A862\-E_firmware, Fr\-A8ncge_firmware, Fr\-E800\-Epa_firmware, Fr\-E800\-Epb_firmware, Fr\-F820\-E_firmware, Fr\-F840\-E_firmware, Fr\-F842\-E_firmware, Fr\-F860\-E_firmware, Fr\-F862\-E_firmware, Fx3g\-14mr\/ds_firmware, Fx3g\-14mr\/es_firmware, Fx3g\-14mt\/dss_firmware, Fx3g\-14mt\/ess_firmware, Fx3g\-24mr\/ds_firmware, Fx3g\-24mr\/es_firmware, Fx3g\-24mt\/dss_firmware, Fx3g\-24mt\/ess_firmware, Fx3g\-32_mt\/dss_firmware, Fx3g\-40mr\/ds_firmware, Fx3g\-40mr\/es_firmware, Fx3g\-40mt\/dss_firmware, Fx3g\-40mt\/ess_firmware, Fx3g\-60mr\/ds_firmware, Fx3g\-60mr\/es_firmware, Fx3g\-60mt\/dss_firmware, Fx3g\-60mt\/ess_firmware, Fx3u\-Enet\-L_firmware, Fx3u\-Enet\-P502_firmware, Fx3u\-Enet_firmware, Fx5\-Cclgn\-Ms_firmware, Fx5\-Enet\-Adp_firmware, Fx5\-Enet\/ip_firmware, Fx5\-Enet_firmware, Fx5uc\-32mr\/ds\-Ts_firmware, Fx5uc\-32mt\/d_firmware, Fx5uc\-32mt\/ds\-Ts_firmware, Fx5uc\-32mt\/dss\-Ts_firmware, Fx5uc\-32mt\/dss_firmware, Fx5uj\-24mr\/es_firmware, Fx5uj\-24mt\/es_firmware, Fx5uj\-24mt\/ess_firmware, Fx5uj\-40mr\/es_firmware, Fx5uj\-40mt\/es_firmware, Fx5uj\-40mt\/ess_firmware, Fx5uj\-60mr\/es_firmware, Fx5uj\-60mt\/es_firmware, Fx5uj\-60mt\/ess_firmware, Got1000_series_gt14_firmware, Got2000_series_gt21_firmware, Got_simple_series_gs21_firmware, Gt25\-J71gn13\-T2_firmware, Iu1\-1m20\-D_firmware, L26cpu\-\(P\)bt_firmware, Le7\-40gu\-L_firmware, Lj71e71\-100_firmware, Lncpu\(\-P\)\(N\=02\/06\/26\)_firmware, Mr\-J4\-Tm_firmware, Mr\-Je\-C_firmware, Nz2ft\-Eip_firmware, Nz2ft\-Mt_firmware, Nz2gacp620\-300_firmware, Nz2gacp620\-60_firmware, Q03udecpu_firmware, Q06ccpu\-V_firmware, Q24dhccpu\-V_firmware, Q24dhccpu\-Vg_firmware, Qj71e71\-100_firmware, Qj71mes96_firmware, Qj71mt91_firmware, Qj71ws96_firmware, Qnudehcpu\(N\=04\/06\/10\/13\/20\/26\/50\/100\)_firmware, Qnudpvcpu\(N\=04\/06\/13\/2\)_firmware, Qnudvcpu\(N\=03\/04\/06\/13\/26\)_firmware, R12ccpu\-V_firmware, Rd55up06\-V_firmware, Rd55up12\-V_firmware, Rd78ghv_firmware, Rd78ghw_firmware, Rd78gn\(N\=4\,8\,16\,32\,64\)_firmware, Rj71en71_firmware, Rj71gn11\-T2_firmware, Rncpu\(N\=00\/01\/02\)t_firmware, Rncpu\(N\=04\/08\/16\/32\/120\)_firmware, Rnencpu\(N\=04\/08\/16\/32\/120\)_firmware, Rnpcpu\(N\=08\/16\/32\/120\)_firmware, Rnpsfcpu\(N\=08\/16\/32\/120\)_firmware, Rnsfcpu_\(N\=08\/16\/32\/120\)_firmware
|
9.8
|
|
|
2022-06-15
|
CVE-2022-24946
|
Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series...
|
L02cpu\-P_firmware, L02cpu_firmware, L02scpu\-P_firmware, L02scpu_firmware, L06cpu\-P_firmware, L06cpu_firmware, L26cpu\-\(P\)bt_firmware, L26cpu\-Bt\-Cm_firmware, L26cpu\-Bt_firmware, L26cpu\-P_firmware, L26cpu\-Pbt_firmware, L26cpu_firmware, Q03udecpu_firmware, Q04udehcpu_firmware, Q04udpvcpu_firmware, Q04udvcpu_firmware, Q06ccpu\-V_firmware, Q06phcpu_firmware, Q06udehcpu_firmware, Q06udpvcpu_firmware, Q06udvcpu_firmware, Q100udehcpu_firmware, Q10udehcpu_firmware, Q13udehcpu_firmware, Q13udpvcpu_firmware, Q13udvcpu_firmware, Q20udehcpu_firmware, Q26dhccpu\-Ls_firmware, Q26udehcpu_firmware, Q26udpvcpu_firmware, Q26udvcpu_firmware, Q50udehcpu_firmware
|
7.5
|
|
|
2019-02-05
|
CVE-2019-6535
|
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash.
|
Q03udecpu_firmware, Q03udvcpu_firmware, Q04udehcpu_firmware, Q04udpvcpu_firmware, Q04udvcpu_firmware, Q06udehcpu_firmware, Q06udpvcpu_firmware, Q06udvcpu_firmware, Q100udehcpu_firmware, Q10udehcpu_firmware, Q13udehcpu_firmware, Q13udpvcpu_firmware, Q13udvcpu_firmware, Q20udehcpu_firmware, Q26udehcpu_firmware, Q26udpvcpu_firmware, Q26udvcpu_firmware, Q50udehcpu_firmware
|
7.5
|
|
|
2019-11-13
|
CVE-2019-13555
|
In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service...
|
L02\/06\/26cpu\-Cm_firmware, L02\/06\/26cpu\-P_firmware, L02\/06\/26cpu_firmware, L26cpu\-Bt\-Cm_firmware, L26cpu\-Bt_firmware, L26cpu\-Pbt_firmware, Q03\/04\/06\/13\/26udvcpu_firmware, Q03udecpu_firmware, Q04\/06\/10\/13\/20\/26\/50\/100udehcpu_firmware, Q04\/06\/13\/26udpvcpu_firmware
|
N/A
|
|
|