CVE-2023-4699 – Arbitrary Command Execution Vulnerability in Mitsubishi Electric proprietary protocol communication of multiple FA products
https://notcve.org/view.php?id=CVE-2023-4699
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets. Vulnerabilidad de verificación insuficiente de autenticidad de datos en los módulos principales Mitsubishi Electric Corporation MELSEC-F Series y en los módulos de MELSEC iQ-F Series CPU permite a un atacante remoto no autenticado restablecer la memoria de los productos al estado predeterminado de fábrica y provocar Denegación de Servicio (DoS) condición de los productos mediante el envío de paquetes específicos. Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely. • https://jvn.jp/vu/JVNVU94620134 https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-03 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-013_en.pdf • CWE-306: Missing Authentication for Critical Function CWE-345: Insufficient Verification of Data Authenticity •
CVE-2023-4562 – Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module
https://notcve.org/view.php?id=CVE-2023-4562
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. Vulnerabilidad de autenticación incorrecta en los módulos principales de la serie MELSEC-F de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado obtenga programas de secuencia del producto o escriba programas de secuencia maliciosos o datos inadecuados en el producto sin autenticación mediante el envío de mensajes ilegítimos. • https://jvn.jp/vu/JVNVU90509290 https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-13 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-012_en.pdf • CWE-287: Improper Authentication •
CVE-2023-2846 – Authentication Bypass Vulnerability in MELSEC-F Series main module
https://notcve.org/view.php?id=CVE-2023-2846
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets. • https://jvn.jp/vu/JVNVU94519952 https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-04 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-005_en.pdf • CWE-294: Authentication Bypass by Capture-replay •
CVE-2020-16226 – Mitsubishi Electric Multiple Products
https://notcve.org/view.php?id=CVE-2020-16226
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Múltiples productos de Mitsubishi Electric, son vulnerables a suplantaciones de un dispositivo legítimo por parte de un actor malicioso, lo que puede permitir a un atacante ejecutar comandos arbitrarios remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mitsubishi Electric MELSEC iQ-F. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 • CWE-342: Predictable Exact Value from Previous Values •
CVE-2020-5527
https://notcve.org/view.php?id=CVE-2020-5527
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions. Cuando el puerto de transmisión de MELSOFT (UDP/IP) de la serie Mitsubishi Electric MELSEC iQ-R (todas las versiones), la serie MELSEC iQ-F (todas las versiones), la serie MELSEC Q (todas las versiones), la serie MELSEC L (todas las versiones) y la serie MELSEC F (todas las versiones), recibe una cantidad masiva de datos por medio de vectores no especificados, un consumo de recursos se presenta y el puerto no procesa los datos apropiadamente. Como resultado, puede caer en una condición de denegación de servicio (DoS). • https://jvn.jp/en/vu/JVNVU91553662/index.html https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf • CWE-400: Uncontrolled Resource Consumption •