CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0CVE-2022-40265 – Denial of Service (DoS) Vulnerability in MELSEC iQ-R Series Ethernet Interface Module
https://notcve.org/view.php?id=CVE-2022-40265
30 Nov 2022 — Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery. Vulnerabilidad de Validación de Entrada Incorrecta en Mitsubishi Electric Corporation MELSEC iQ-... • https://jvn.jp/vu/JVNVU94702422 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 56EXPL: 0CVE-2020-5668
https://notcve.org/view.php?id=CVE-2020-5668
20 Nov 2020 — Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware ver... • https://jvn.jp/vu/JVNVU95980140/index.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 202EXPL: 0CVE-2020-16226 – Mitsubishi Electric Multiple Products
https://notcve.org/view.php?id=CVE-2020-16226
08 Sep 2020 — Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Múltiples productos de Mitsubishi Electric, son vulnerables a suplantaciones de un dispositivo legítimo por parte de un actor malicioso, lo que puede permitir a un atacante ejecutar comandos arbitrarios remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mitsubishi Elec... • https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 • CWE-342: Predictable Exact Value from Previous Values •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2020-13238
https://notcve.org/view.php?id=CVE-2020-13238
10 Jun 2020 — Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to restore production. Los PLC Mitsubishi MELSEC iQ-R Series con firmware 33, permiten a atacantes detener el proceso industrial mediante el envío de un paquete diseñado no autenticado a través de la red, porque este ata... • http://jvn.jp/vu/JVNVU97662844/index.html • CWE-400: Uncontrolled Resource Consumption •