CVE-2023-1618 – Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module
https://notcve.org/view.php?id=CVE-2023-1618
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 **** and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet, which is a hidden function and is enabled by default when shipped from the factory. As a result, a remote attacker with unauthorized login can reset the module, and if certain conditions are met, he/she can disclose or tamper with the module's configuration or rewrite the firmware.
• https://jvn.jp/vu/JVNVU96063959
• https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-02
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-002_en.pdf
• CWE-489: Active Debug Code
• CWE-1188: Initialization of a Resource with an Insecure Default
CVE-2023-1285
https://notcve.org/view.php?id=CVE-2023-1285
Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM units whose 11-digit serial number has "16" as its first 2 digits allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in Ethernet communication by sending a large number of specially crafted packets to any UDP port when GC-ENET-COM is configured as a Modbus TCP Server. The communication resumes only when the power of the main unit is turned off and on or when the GC-ENET-COM is hot-swapped from the main unit.
• https://mitsubishielectric.in/fa/cnc-pdf/DoS_in_Ethernet_Communication_Extension_Unit_GC_ENET_COM_of_GOC35_Series.pdf
• https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-15
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
• CWE-364: Signal Handler Race Condition
CVE-2023-0457 – Information Disclosure Vulnerability in MELSEC Series
https://notcve.org/view.php?id=CVE-2023-0457
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and log in to the FTP server or Web server.
• https://jvn.jp/vu/JVNVU93891523/index.html
• https://www.cisa.gov/news-events/ics-advisories/icsa-23-061-01
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-023_en.pdf
• CWE-256: Plaintext Storage of a Password
• CWE-522: Insufficiently Protected Credentials
CVE-2022-40269
https://notcve.org/view.php?id=CVE-2022-40269
Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes.
• https://jvn.jp/vu/JVNVU91222434/index.html
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-021_en.pdf
• CWE-290: Authentication Bypass by Spoofing
CVE-2022-40268
https://notcve.org/view.php?id=CVE-2022-40268
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking.
• https://jvn.jp/vu/JVNVU91222434/index.html
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-021_en.pdf
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames