Search criteria
5 vulnerabilities found for fx3u-enet-l by mitsubishielectric
VAR-202310-0178
Vulnerability from variot - Updated: 2025-03-22 23:41Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.As a result of a crafted message being sent by a third party who has access to the product, a sequence program, etc. is read without authentication, or a malicious sequence program, fraudulent device data, etc. is written. , information may be leaked or falsified. The expected impact will differ depending on the number of digits of the keyword you have set. * 8 In the case of digit keyword authentication, information leakage and information falsification due to lack of authentication * 16 For digit keyword authentication: Authentication evasion due to authentication failure For details, please check the information provided by the developer. Mitsubishi Electric MELSEC-F Series is a basic micro PLC with scalable analog and communication functions for industrial control equipment of Mitsubishi Electric Corporation of Japan
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202310-0178",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fx3g-60mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-60mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/ess-2ad",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4ad-ptw-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64ms\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-20mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4ad-tc-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-30mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mt\\/dss-p4",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-30mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-32mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-24mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-cnv-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mr\\/d-t",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3gc",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-128mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-enet-p502",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3gc-32mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-32mt-lt-2",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-485adp\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4ad-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-40mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-40mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-128mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-40mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4ad-pt-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-14mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-3a-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-96mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-32mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-64mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-128mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mr\\/ua1",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32ms\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-10mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-10mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-enet-l",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-64mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-14mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40 mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4da-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-60mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mt\\/d-p4",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-48mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ga-24mr-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-96mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-10mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-40mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-enet",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-20mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/es-2ad",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3ge-24mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-16mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14 mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3sa-20mt-cm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mr\\/es-2ad",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-4da-pnk-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3gc-32mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24 mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-32mt-lt",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-128mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mt\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3uc-16mr\\/ds-t",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-14mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-32 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-64mr\\/ua1",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-32mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-128mt\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-14mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-232adp\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-80mr\\/es-a",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s-30mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-60 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3s",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "fx3gc",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "fx3u",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "fx3uc",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "fx3g",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "electric melsec-f series",
"scope": null,
"trust": 0.6,
"vendor": "misubishi",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"cve": "CVE-2023-4562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2024-00210",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-4562",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-003809",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-4562",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"id": "CVE-2023-4562",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2023-003809",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2024-00210",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.As a result of a crafted message being sent by a third party who has access to the product, a sequence program, etc. is read without authentication, or a malicious sequence program, fraudulent device data, etc. is written. , information may be leaked or falsified. The expected impact will differ depending on the number of digits of the keyword you have set. * 8 In the case of digit keyword authentication, information leakage and information falsification due to lack of authentication * 16 For digit keyword authentication: Authentication evasion due to authentication failure For details, please check the information provided by the developer. Mitsubishi Electric MELSEC-F Series is a basic micro PLC with scalable analog and communication functions for industrial control equipment of Mitsubishi Electric Corporation of Japan",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-4562"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "VULMON",
"id": "CVE-2023-4562"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-4562",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-23-285-13",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU90509290",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-00210",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-4562",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "VULMON",
"id": "CVE-2023-4562"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"id": "VAR-202310-0178",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
}
]
},
"last_update_date": "2025-03-22T23:41:08.407000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MELSEC-F\u00a0 Vulnerabilities of information leakage, information tampering, and authentication bypass in the basic unit",
"trust": 0.8,
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-012.pdf"
},
{
"title": "Patch for Mitsubishi Electric MELSEC-F Series Authentication Error Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/513051"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Inappropriate authentication (CWE-287) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-13"
},
{
"trust": 1.7,
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-012_en.pdf"
},
{
"trust": 1.1,
"url": "https://jvn.jp/vu/jvnvu90509290/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90509290/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-4562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "VULMON",
"id": "CVE-2023-4562"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"db": "VULMON",
"id": "CVE-2023-4562"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-01-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"date": "2023-10-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-4562"
},
{
"date": "2023-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"date": "2023-10-13T02:15:09.917000",
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-03-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-00210"
},
{
"date": "2023-10-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-4562"
},
{
"date": "2024-05-17T08:37:00",
"db": "JVNDB",
"id": "JVNDB-2023-003809"
},
{
"date": "2023-10-23T19:15:51.397000",
"db": "NVD",
"id": "CVE-2023-4562"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Made by Mitsubishi Electric \u00a0MELSEC-F\u00a0 Improper authentication vulnerability in series base unit",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003809"
}
],
"trust": 0.8
}
}
VAR-202010-0395
Vulnerability from variot - Updated: 2024-11-23 21:51Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. of multiple Mitsubishi Electric products TCP A vulnerability in session management exists in the protocol stack. This vulnerability information is provided by the developer for the purpose of dissemination to product users. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Mitsubishi Electric gt14 model是日本三菱电机(Mitsubishi Electric)公司的一个用于工业生产过程中提供人机交互界面的设备. Mitsubishi Electric 多个产品存在命令执行漏洞,该漏洞允许攻击者冒充合法设备,从而使攻击者能够远程执行任意命令。以下产品和版本受到影响:QJ71MES96 all versions,QJ71WS96 all versions,Q06CCPU-V all versions,Q24DHCCPU-V all versions,Q24DHCCPU-VG all versions,R12CCPU-V Version 13 and prior,RD55UP06-V Version 09 and prior,RD55UP12-V Version 01,RJ71GN11-T2 Version 11 and prior,RJ71EN71 all versions,QJ71E71-100 all versions,LJ71E71-100 all versions,QJ71MT91 all versions,RD78Gn(n=4,8,16,32,64) all versions,RD78GHV all versions,RD78GHW all versions,NZ2GACP620-60 all versions,NZ2GACP620-300 all versions,NZ2FT-MT all versions,NZ2FT-EIP all versions,Q03UDECPU the first 5 digits of serial number 22081 and prior,QnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior,QnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior,QnUDPVCPU(n=04/06/13/26) the first 5 digits of serial number 22031 and prior,LnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior,L26CPU-(P)BT the first 5 digits of serial number 22051 and prior,RnCPU(n=00/01/02) Version 18 and prior,RnCPU(n=04/08/16/32/120) Version 50 and prior,RnENCPU(n=04/08/16/32/120) Version 50 and prior,RnSFCPU (n=08/16/32/120) Version 22 and prior,RnPCPU(n=08/16/32/120) Version 24 and prior,RnPSFCPU(n=08/16/32/120) Version 05 and prior,FX5U(C)-M*/,FX5UC-32M/-TS Version 1.210 and prior,FX5UJ-M/ Version 1.000,FX5-ENET Version 1.002 and prior,FX5-ENET/IP Version 1.002 and prior,FX3U-ENET-ADP Version 1.22 and prior,FX3GE-M/* the first 3 digits of serial number 20X and prior,FX3U-ENET Version 1.14 and prior,FX3U-ENET-L Version 1.14 and prior,FX3U-ENET-P502 Version 1.14 and prior,FX5-CCLGN-MS Version 1.000,IU1-1M20-D all versions,LE7-40GU-L all versions,GOT2000 Series GT21 Model all versions,GS Series all versions,GOT1000 Series GT14 Model all versions,GT25-J71GN13-T2 all versions,FR-A800-E Series production date December 2020 and prior,FR-F800-E Series production date December 2020 and prior,FR-A8NCG Production date August 2020 and prior,FR-E800-EPA Series Production date July 2020 and prior,FR-E800-EPB Series Production date July 2020 and prior,Conveyor Tracking Application APR-nTR3FH APR-nTR6FH APR-nTR12FH APR-nTR20FH(n=1,2) all versions (Discontinued product),MR-JE-C all versions,MR-J4-TM all versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fr-f842-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rnpsfcpu\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "qj71ws96",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-14mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-f860-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "q24dhccpu-v",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-24mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fx3u-enet",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "q24dhccpu-vg",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rnpcpu\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "got2000 series gt21",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-60mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5-enet-adp",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a860-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rd55up06-v",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-40mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-40mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uc-32mr\\/ds-ts",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.210"
},
{
"model": "got1000 series gt14",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "conveyor tracking application apr-ntr12fh",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "rd78ghv",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-f820-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-f840-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "qnudehcpu\\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22081"
},
{
"model": "qnudpvcpu\\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22031"
},
{
"model": "fx5uj-24mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "nz2gacp620-60",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rnsfcpu \\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rj71en71",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5-enet",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a862-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "qj71e71-100",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "mr-j4-tm",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "r12ccpu-v",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "mr-je-c",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-40mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-40mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fx3g-32 mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "qnudvcpu\\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22031"
},
{
"model": "lj71e71-100",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-40mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fx5uc-32mt\\/d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.210"
},
{
"model": "fx5uj-60mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fx3g-14mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-14mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5-cclgn-ms",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a8ncge",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "2020-08"
},
{
"model": "qj71mt91",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a820-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-60mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fr-e800-epa",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "2020-07"
},
{
"model": "got simple series gs21",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-e800-epb",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "2020-07"
},
{
"model": "fx3g-14mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rj71gn11-t2",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-40mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "le7-40gu-l",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-40mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "iu1-1m20-d",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "nz2gacp620-300",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "l26cpu-\\ bt",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22051"
},
{
"model": "nz2ft-mt",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "q06ccpu-v",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-f862-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "conveyor tracking application apr-ntr6fh",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3g-24mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rd78gn\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-24mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "lncpu\\ \\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22051"
},
{
"model": "fx3g-60mr\\/ds",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "conveyor tracking application apr-ntr3fh",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-24mr\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "conveyor tracking application apr-ntr20fh\\",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": null
},
{
"model": "fx3u-enet-l",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a842-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fr-a840-e",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-60mt\\/ess",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rd78ghw",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uc-32mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.210"
},
{
"model": "rncpu\\ t",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "18"
},
{
"model": "fx3u-enet-p502",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "gt25-j71gn13-t2",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uc-32mt\\/ds-ts",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.210"
},
{
"model": "q03udecpu",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "22081"
},
{
"model": "fx5uj-60mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "fx5uc-32mt\\/dss-ts",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.210"
},
{
"model": "fx5-enet\\/ip",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx3g-60mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rncpu\\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "50"
},
{
"model": "fx3g-24mt\\/dss",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "rnencpu\\",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "50"
},
{
"model": "qj71mes96",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "fx5uj-24mt\\/es",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.000"
},
{
"model": "rd55up12-v",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "nz2ft-eip",
"scope": "eq",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "*"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "(multiple products)"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * ac the servo melservo"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * lossnay central ventilation system"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * display got"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * air conditioning control system / centralized controller"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * air conditioning control system / expansion controller"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * energy measurement unit"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "affected products s vary widely. for more information, please check the information provided by the developer."
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * range hood fan"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * data collection analyzer melqic"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * hems compatible adapter, lan adapter"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * air conditioning control system / bm adapter"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * room air conditioner"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * bath drying/heating/ventilation system"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * solar power system color monitor eco guide"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * ventilation fan for duct"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * tension controller"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * inverter freqrol"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * mitsubishi energy saving dem monitoring server e-energy"
},
{
"model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
"scope": "eq",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "it was * robot melfa"
},
{
"model": "melsec iq-f",
"scope": null,
"trust": 0.7,
"vendor": "mitsubishi electric",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ta-Lun Yen of TXOne IoT/ICS Security Research Labs (Trend Micro)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
}
],
"trust": 0.7
},
"cve": "CVE-2020-16226",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-16226",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-16226",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2020-16226",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-16226",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-16226",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-16226",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2020-16226",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-074",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-16226",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. of multiple Mitsubishi Electric products TCP A vulnerability in session management exists in the protocol stack. This vulnerability information is provided by the developer for the purpose of dissemination to product users. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Mitsubishi Electric gt14 model\u662f\u65e5\u672c\u4e09\u83f1\u7535\u673a\uff08Mitsubishi Electric\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7528\u4e8e\u5de5\u4e1a\u751f\u4ea7\u8fc7\u7a0b\u4e2d\u63d0\u4f9b\u4eba\u673a\u4ea4\u4e92\u754c\u9762\u7684\u8bbe\u5907. \nMitsubishi Electric \u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u5141\u8bb8\u653b\u51fb\u8005\u5192\u5145\u5408\u6cd5\u8bbe\u5907\uff0c\u4ece\u800c\u4f7f\u653b\u51fb\u8005\u80fd\u591f\u8fdc\u7a0b\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u4ee5\u4e0b\u4ea7\u54c1\u548c\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aQJ71MES96 all versions\uff0cQJ71WS96 all versions\uff0cQ06CCPU-V all versions\uff0cQ24DHCCPU-V all versions\uff0cQ24DHCCPU-VG all versions\uff0cR12CCPU-V Version 13 and prior\uff0cRD55UP06-V Version 09 and prior\uff0cRD55UP12-V Version 01\uff0cRJ71GN11-T2 Version 11 and prior\uff0cRJ71EN71 all versions\uff0cQJ71E71-100 all versions\uff0cLJ71E71-100 all versions\uff0cQJ71MT91 all versions\uff0cRD78Gn(n=4,8,16,32,64) all versions\uff0cRD78GHV all versions\uff0cRD78GHW all versions\uff0cNZ2GACP620-60 all versions\uff0cNZ2GACP620-300 all versions\uff0cNZ2FT-MT all versions\uff0cNZ2FT-EIP all versions\uff0cQ03UDECPU the first 5 digits of serial number 22081 and prior\uff0cQnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior\uff0cQnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior\uff0cQnUDPVCPU(n=04/06/13/26) the first 5 digits of serial number 22031 and prior\uff0cLnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior\uff0cL26CPU-(P)BT the first 5 digits of serial number 22051 and prior\uff0cRnCPU(n=00/01/02) Version 18 and prior\uff0cRnCPU(n=04/08/16/32/120) Version 50 and prior\uff0cRnENCPU(n=04/08/16/32/120) Version 50 and prior\uff0cRnSFCPU (n=08/16/32/120) Version 22 and prior\uff0cRnPCPU(n=08/16/32/120) Version 24 and prior\uff0cRnPSFCPU(n=08/16/32/120) Version 05 and prior\uff0cFX5U(C)-**M*/**\uff0cFX5UC-32M*/**-TS Version 1.210 and prior\uff0cFX5UJ-**M*/** Version 1.000\uff0cFX5-ENET Version 1.002 and prior\uff0cFX5-ENET/IP Version 1.002 and prior\uff0cFX3U-ENET-ADP Version 1.22 and prior\uff0cFX3GE-**M*/** the first 3 digits of serial number 20X and prior\uff0cFX3U-ENET Version 1.14 and prior\uff0cFX3U-ENET-L Version 1.14 and prior\uff0cFX3U-ENET-P502 Version 1.14 and prior\uff0cFX5-CCLGN-MS Version 1.000\uff0cIU1-1M20-D all versions\uff0cLE7-40GU-L all versions\uff0cGOT2000 Series GT21 Model all versions\uff0cGS Series all versions\uff0cGOT1000 Series GT14 Model all versions\uff0cGT25-J71GN13-T2 all versions\uff0cFR-A800-E Series production date December 2020 and prior\uff0cFR-F800-E Series production date December 2020 and prior\uff0cFR-A8NCG Production date August 2020 and prior\uff0cFR-E800-EPA Series Production date July 2020 and prior\uff0cFR-E800-EPB Series Production date July 2020 and prior\uff0cConveyor Tracking Application APR-nTR3FH APR-nTR6FH APR-nTR12FH APR-nTR20FH(n=1,2) all versions (Discontinued product)\uff0cMR-JE-C all versions\uff0cMR-J4-TM all versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-16226"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"db": "VULMON",
"id": "CVE-2020-16226"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-16226",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-245-01",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU93926439",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10966",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-20-1207",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.3041",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4767",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-16226",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"id": "VAR-202010-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.41666666
},
"last_update_date": "2024-11-23T21:51:16.463000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "of our products TCP Spoofing Vulnerability in Protocol Stack",
"trust": 0.8,
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-009.pdf"
},
{
"title": "Mitsubishi Electric has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
},
{
"title": "mitsubishielectric Fixes for remote command execution vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=127702"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-342",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93926439/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3041/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16226"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4767"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/342.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-245-01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"date": "2020-10-05T00:00:00",
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"date": "2020-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"date": "2020-09-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"date": "2020-10-05T18:15:13.133000",
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1207"
},
{
"date": "2020-10-22T00:00:00",
"db": "VULMON",
"id": "CVE-2020-16226"
},
{
"date": "2022-09-26T08:55:00",
"db": "JVNDB",
"id": "JVNDB-2020-008251"
},
{
"date": "2022-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-074"
},
{
"date": "2024-11-21T05:06:58.517000",
"db": "NVD",
"id": "CVE-2020-16226"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "of multiple Mitsubishi Electric products \u00a0TCP\u00a0 Session management flaw in protocol stack",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command execution",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-074"
}
],
"trust": 0.6
}
}
VAR-202107-0288
Vulnerability from variot - Updated: 2024-08-14 13:03NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery. Made by Mitsubishi Electric MELSEC F series Ethernet Interface blocks NULL Pointer reference (CWE-476 , CVE-2021-20596) A vulnerability exists. This vulnerability information is provided by the developer for the purpose of making it known to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developers.If the product receives a malicious packet crafted by a remote third party, an error will occur and communication will interfere with service operation. (DoS) It may be in a state. In addition, by resetting the system, service operation is interrupted. (DoS) Recovery from the state is possible. According to the developer MELSEC F It has no effect on the control of the basic units of the series. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Misubishi Electric Mitsubishi Electric MELSEC-F Series is a basic micro PLC with scalability of analog and communication functions for industrial control equipment of Mitsubishi Electric Corporation. Mitsubishi Electric MELSEC-F Series contains a code issue vulnerability that could cause a denial of service condition for communication with the product
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-0288",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
},
{
"model": "fx3u-enet-p502",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
},
{
"model": "fx3u-enet-l",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
},
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "-p502 firmware 1.14 and earlier"
},
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "-l firmware 1.14 and earlier"
},
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "firmware 1.14 and earlier"
},
{
"model": "fx3u-enet-l",
"scope": null,
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": null
},
{
"model": "fx3u-enet-p502",
"scope": "lte",
"trust": 0.8,
"vendor": "\u4e09\u83f1\u96fb\u6a5f",
"version": "firmware 1.14 and earlier"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
}
],
"trust": 0.6
},
"cve": "CVE-2021-20596",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-20596",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-378272",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20596",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-002007",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20596",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-002007",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-1555",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-378272",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery. Made by Mitsubishi Electric MELSEC F series Ethernet Interface blocks NULL Pointer reference (CWE-476 , CVE-2021-20596) A vulnerability exists. This vulnerability information is provided by the developer for the purpose of making it known to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developers.If the product receives a malicious packet crafted by a remote third party, an error will occur and communication will interfere with service operation. (DoS) It may be in a state. In addition, by resetting the system, service operation is interrupted. (DoS) Recovery from the state is possible. According to the developer MELSEC F It has no effect on the control of the basic units of the series. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Misubishi Electric Mitsubishi Electric MELSEC-F Series is a basic micro PLC with scalability of analog and communication functions for industrial control equipment of Mitsubishi Electric Corporation. Mitsubishi Electric MELSEC-F Series contains a code issue vulnerability that could cause a denial of service condition for communication with the product",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20596"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "VULMON",
"id": "CVE-2021-20596"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20596",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU94348759",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-201-01",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2021072103",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2464",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-378272",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-20596",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "VULMON",
"id": "CVE-2021-20596"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"id": "VAR-202107-0288",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-378272"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:03:17.705000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MELSEC\u00a0F series Ethernet Denial of service in interface block DoS ) Vulnerability",
"trust": 0.8,
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2021-006.pdf"
},
{
"title": "MELSEC-F FX3U-ENET Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=157423"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.1
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-201-01"
},
{
"trust": 1.8,
"url": "https://jvn.jp/vu/jvnvu94348759/index.html"
},
{
"trust": 1.8,
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-006_en.pdf"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu94348759"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20596"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2464"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072103"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "VULMON",
"id": "CVE-2021-20596"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-378272"
},
{
"db": "VULMON",
"id": "CVE-2021-20596"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-378272"
},
{
"date": "2021-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20596"
},
{
"date": "2021-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"date": "2021-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-07-22T12:15:07.787000",
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-02T00:00:00",
"db": "VULHUB",
"id": "VHN-378272"
},
{
"date": "2021-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20596"
},
{
"date": "2021-07-26T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2021-002007"
},
{
"date": "2021-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1555"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-02T14:25:16.287000",
"db": "NVD",
"id": "CVE-2021-20596"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Made by Mitsubishi Electric \u00a0MELSEC\u00a0F\u00a0 series \u00a0Ethernet\u00a0 In the interface block \u00a0NULL\u00a0 Pointer reference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002007"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1555"
}
],
"trust": 0.6
}
}
VAR-202201-1491
Vulnerability from variot - Updated: 2022-05-06 08:33Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-1491",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fx3u-enet-p502",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.16"
},
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.16"
},
{
"model": "fx3u-enet-l",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.16"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-p502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-p502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-p502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-p502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
}
],
"trust": 0.6
},
"cve": "CVE-2021-20613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-20613",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20613",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-20613",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1074",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20613"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVNVU93268332",
"trust": 1.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-013-07",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2021-20613",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1074",
"trust": 0.6
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"id": "VAR-202201-1491",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-06T08:33:48.024000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Mitsubishi Electric MELSEC-F Series Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=177942"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-665",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-07"
},
{
"trust": 1.6,
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-024_en.pdf"
},
{
"trust": 1.6,
"url": "https://jvn.jp/vu/jvnvu93268332/index.html"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-07"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20613"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"date": "2022-01-14T20:15:00",
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1074"
},
{
"date": "2022-01-21T18:04:00",
"db": "NVD",
"id": "CVE-2021-20613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric MELSEC-F Series Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1074"
}
],
"trust": 0.6
}
}
VAR-202201-1492
Vulnerability from variot - Updated: 2022-05-04 09:08Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-1492",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fx3u-enet",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
},
{
"model": "fx3u-enet-l",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
},
{
"model": "fx3u-enet-p502",
"scope": "lte",
"trust": 1.0,
"vendor": "mitsubishielectric",
"version": "1.14"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-p502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-p502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mitsubishielectric:fx3u-enet-p502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:mitsubishielectric:fx3u-enet-p502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
}
],
"trust": 0.6
},
"cve": "CVE-2021-20612",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-20612",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20612",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-20612",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1079",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20612"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVNVU93268332",
"trust": 1.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-013-01",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2021-20612",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1079",
"trust": 0.6
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"id": "VAR-202201-1492",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-04T09:08:18.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Mitsubishi Electric MELSEC-F Series Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=177947"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-023_en.pdf"
},
{
"trust": 1.6,
"url": "https://jvn.jp/vu/jvnvu93268332/index.html"
},
{
"trust": 1.6,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-01"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20612"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-01"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"date": "2022-01-14T20:15:00",
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1079"
},
{
"date": "2022-01-21T18:11:00",
"db": "NVD",
"id": "CVE-2021-20612"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric MELSEC-F Series Trust Management Issue Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1079"
}
],
"trust": 0.6
}
}