CVSS: 9.8EPSS: 0%CPEs: 202EXPL: 0CVE-2020-16226 – Mitsubishi Electric Multiple Products
https://notcve.org/view.php?id=CVE-2020-16226
08 Sep 2020 — Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Múltiples productos de Mitsubishi Electric, son vulnerables a suplantaciones de un dispositivo legítimo por parte de un actor malicioso, lo que puede permitir a un atacante ejecutar comandos arbitrarios remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mitsubishi Elec... • https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 • CWE-342: Predictable Exact Value from Previous Values •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2019-10977
https://notcve.org/view.php?id=CVE-2019-10977
23 May 2019 — In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition. En Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 y anteriores, un atacante podría enviar paquetes TCP creados contra el servicio FTP, forzando a los dispositivos de destino a entrar en un modo de error y generar una c... • http://www.securityfocus.com/bid/108419 • CWE-400: Uncontrolled Resource Consumption CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2016-8368
https://notcve.org/view.php?id=CVE-2016-8368
13 Feb 2017 — An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock. Ha sido descubierto un problema en las ... • http://www.securityfocus.com/bid/94632 • CWE-662: Improper Synchronization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-8370
https://notcve.org/view.php?id=CVE-2016-8370
13 Feb 2017 — An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC. Ha sido descubierto un problema en las series Mitsubishi Electric Automation MELSEC-Q en módulos de interfaz Ethernet QJ71E71-100, todas las versiones, QJ71E71-B5, todas las versiones y QJ71E71-B2, todas las versiones. Las contraseñas cifradas débilmente son transmi... • http://www.securityfocus.com/bid/94632 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •