Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for fx5-enet\/ip_firmware by mitsubishielectric
CVE-2023-2063 (GCVE-0-2023-2063)
Vulnerability from nvd – Published: 2023-06-02 04:05 – Updated: 2025-03-05 18:58
VLAI?
Title
Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.
Severity ?
6.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2063",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:36.584135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:08.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.\u003cbr\u003e"
}
],
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.\n"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Infomation Tampering"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Information Deletion"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Information Destruction"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:05:38.109Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2063",
"datePublished": "2023-06-02T04:05:38.109Z",
"dateReserved": "2023-04-14T08:44:09.737Z",
"dateUpdated": "2025-03-05T18:58:08.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2062 (GCVE-0-2023-2062)
Vulnerability from nvd – Published: 2023-06-02 04:04 – Updated: 2025-03-05 18:58
VLAI?
Title
Information Disclosure vulnerability in EtherNet/IP Configuration tools
Summary
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP.
Severity ?
6.2 (Medium)
CWE
- CWE-549 - Missing Password Field Masking
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | EtherNet/IP Configuration tool for RJ71EIP91 SW1DNN-EIPCT-BD |
Affected:
Software version "1.01B" and prior
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2062",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:40.253808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:15.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EtherNet/IP Configuration tool for RJ71EIP91 SW1DNN-EIPCT-BD",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Software version \"1.01B\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EtherNet/IP Configuration tool for FX5-ENET/IP SW1DNN-EIPCTFX5-BD",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Software version \"1.01B\" and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP."
}
],
"value": "Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-549",
"description": "CWE-549 Missing Password Field Masking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T22:37:13.620Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure vulnerability in EtherNet/IP Configuration tools",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2062",
"datePublished": "2023-06-02T04:04:28.648Z",
"dateReserved": "2023-04-14T08:44:07.523Z",
"dateUpdated": "2025-03-05T18:58:15.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2061 (GCVE-0-2023-2061)
Vulnerability from nvd – Published: 2023-06-02 04:03 – Updated: 2025-03-05 18:58
VLAI?
Title
Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP.
Severity ?
6.2 (Medium)
CWE
- CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:44.832977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:23.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP."
}
],
"value": "Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:03:36.665Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2061",
"datePublished": "2023-06-02T04:03:36.665Z",
"dateReserved": "2023-04-14T08:44:04.100Z",
"dateUpdated": "2025-03-05T18:58:23.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2060 (GCVE-0-2023-2060)
Vulnerability from nvd – Published: 2023-06-02 04:02 – Updated: 2025-03-05 18:58
VLAI?
Title
Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing.
Severity ?
7.5 (High)
CWE
- CWE-521 - Weak Password Requirements
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:17.820623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:31.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing."
}
],
"value": "Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:02:32.377Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2060",
"datePublished": "2023-06-02T04:02:32.377Z",
"dateReserved": "2023-04-14T08:43:59.259Z",
"dateUpdated": "2025-03-05T18:58:31.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0457 (GCVE-0-2023-0457)
Vulnerability from nvd – Published: 2023-03-03 04:18 – Updated: 2025-03-05 20:02
VLAI?
Title
Information Disclosure Vulnerability in MELSEC Series
Summary
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server.
Severity ?
7.5 (High)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:10:56.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-023_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU93891523/index.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-061-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T20:02:13.840915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:02:32.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5-ENET",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R00CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R01CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series RJ71EN71",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R12CCPU-V",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDECPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q10UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q20UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q50UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q100UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series QJ71E71-100",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-BT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-PBT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series LJ71E71-100",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server."
}
],
"value": "Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-21T04:21:45.500Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-023_en.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU93891523/index.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-061-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure Vulnerability in MELSEC Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-0457",
"datePublished": "2023-03-03T04:18:15.787Z",
"dateReserved": "2023-01-24T08:55:21.468Z",
"dateUpdated": "2025-03-05T20:02:32.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16226 (GCVE-0-2020-16226)
Vulnerability from nvd – Published: 2020-10-05 17:19 – Updated: 2024-09-17 00:25
VLAI?
Title
Mitsubishi Electric Multiple Products
Summary
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- CWE-342 - PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric | QJ71MES96 |
Affected:
all versions
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2020-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QJ71MES96",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71WS96",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q06CCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q24DHCCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q24DHCCPU-VG",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "R12CCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD55UP06-V,",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "D55UP12-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RJ71GN11-T2",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RJ71EN71",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71E71-100",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "LJ71E71-100",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71MT91",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78Gn(n=4,8,16,32,64)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78GHV",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78GHW",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2GACP620-60",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2GACP620-300",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2FT-MT",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2FT-EIP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q03UDECPU",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22081 and prior"
}
]
},
{
"product": "QnUDEHCPU(n=04/06/10/13/20/26/50/100)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22081 and prior"
}
]
},
{
"product": "QnUDVCPU(n=03/04/06/13/26)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22031 and prior"
}
]
},
{
"product": "QnUDPVCPU(n=04/06/13/2)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22031 and prior"
}
]
},
{
"product": "LnCPU(-P)(n=02/06/26)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22051 and prior"
}
]
},
{
"product": "L26CPU-(P)BT",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22051 and prior"
}
]
},
{
"product": "RnCPU(n=00/01/02)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 18 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnCPU(n=04/08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 50 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnENCPU(n=04/08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 50 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnSFCPU (n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RnPCPU(n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RnPSFCPU(n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5U(C)-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Serial number 17X**** or later: Version 1.210 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "Serial number 179**** and prior: Version 1.070 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FX5UC-32M*/**-TS",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 1.210 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FX5UJ-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Version 1.000"
}
]
},
{
"product": "FX5-ENET",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5-ENET/IP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-ADP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3GE-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-L",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-P502",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5-CCLGN-MS",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "IU1-1M20-D",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "LE7-40GU-L",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GOT2000 Series GT21 Model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GS Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GOT1000 Series GT14 Model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GT25-J71GN13-T2",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-A800-E Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-F800-E Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-A8NCG",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date August 2020 and prior"
}
]
},
{
"product": "FR-E800-EPA Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date July 2020 and prior"
}
]
},
{
"product": "FR-E800-EPB Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date July 2020 and prior"
}
]
},
{
"product": "Conveyor Tracking Application",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "APR-nTR3FH all versions"
},
{
"status": "affected",
"version": "APR-nTR6FH all versions"
},
{
"status": "affected",
"version": "APR-nTR12FH all versions"
},
{
"status": "affected",
"version": "APR-nTR20FH(n=1,2) all versions"
}
]
},
{
"product": "MR-JE-C",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "MR-J4-TM",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"datePublic": "2020-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-342",
"description": "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-05T17:19:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
],
"source": {
"advisory": "ICSA-20-245-01",
"discovery": "UNKNOWN"
},
"title": "Mitsubishi Electric Multiple Products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2020-09-01T16:00:00.000Z",
"ID": "CVE-2020-16226",
"STATE": "PUBLIC",
"TITLE": "Mitsubishi Electric Multiple Products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QJ71MES96",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71WS96",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q06CCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q24DHCCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q24DHCCPU-VG",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "R12CCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD55UP06-V,",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "D55UP12-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RJ71GN11-T2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RJ71EN71",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71E71-100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "LJ71E71-100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71MT91",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78Gn(n=4,8,16,32,64)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78GHV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78GHW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2GACP620-60",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2GACP620-300",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2FT-MT",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2FT-EIP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q03UDECPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22081 and prior"
}
]
}
},
{
"product_name": "QnUDEHCPU(n=04/06/10/13/20/26/50/100)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22081 and prior"
}
]
}
},
{
"product_name": "QnUDVCPU(n=03/04/06/13/26)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22031 and prior"
}
]
}
},
{
"product_name": "QnUDPVCPU(n=04/06/13/2)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22031 and prior"
}
]
}
},
{
"product_name": "LnCPU(-P)(n=02/06/26)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22051 and prior"
}
]
}
},
{
"product_name": "L26CPU-(P)BT",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22051 and prior"
}
]
}
},
{
"product_name": "RnCPU(n=00/01/02)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 18 and prior"
}
]
}
},
{
"product_name": "RnCPU(n=04/08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 50 and prior"
}
]
}
},
{
"product_name": "RnENCPU(n=04/08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 50 and prior"
}
]
}
},
{
"product_name": "RnSFCPU (n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RnPCPU(n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RnPSFCPU(n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5U(C)-**M*/**",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Serial number 17X**** or later: Version 1.210 and prior"
},
{
"version_affected": "\u003c",
"version_value": "Serial number 179**** and prior: Version 1.070 and prior"
}
]
}
},
{
"product_name": "FX5UC-32M*/**-TS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 1.210 and prior"
}
]
}
},
{
"product_name": "FX5UJ-**M*/**",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Version 1.000"
}
]
}
},
{
"product_name": "FX5-ENET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5-ENET/IP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-ADP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3GE-**M*/**",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-P502",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5-CCLGN-MS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "IU1-1M20-D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "LE7-40GU-L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GOT2000 Series GT21 Model",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GS Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GOT1000 Series GT14 Model",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GT25-J71GN13-T2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-A800-E Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-F800-E Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-A8NCG",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date August 2020 and prior"
}
]
}
},
{
"product_name": "FR-E800-EPA Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date July 2020 and prior"
}
]
}
},
{
"product_name": "FR-E800-EPB Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date July 2020 and prior"
}
]
}
},
{
"product_name": "Conveyor Tracking Application",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "APR-nTR3FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR6FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR12FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR20FH(n=1,2)",
"version_value": "all versions"
}
]
}
},
{
"product_name": "MR-JE-C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "MR-J4-TM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
]
},
"source": {
"advisory": "ICSA-20-245-01",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16226",
"datePublished": "2020-10-05T17:19:17.358Z",
"dateReserved": "2020-07-31T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:25:38.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2063 (GCVE-0-2023-2063)
Vulnerability from cvelistv5 – Published: 2023-06-02 04:05 – Updated: 2025-03-05 18:58
VLAI?
Title
Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.
Severity ?
6.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2063",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:36.584135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:08.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.\u003cbr\u003e"
}
],
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.\n"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Infomation Tampering"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Information Deletion"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Information Destruction"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:05:38.109Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2063",
"datePublished": "2023-06-02T04:05:38.109Z",
"dateReserved": "2023-04-14T08:44:09.737Z",
"dateUpdated": "2025-03-05T18:58:08.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2062 (GCVE-0-2023-2062)
Vulnerability from cvelistv5 – Published: 2023-06-02 04:04 – Updated: 2025-03-05 18:58
VLAI?
Title
Information Disclosure vulnerability in EtherNet/IP Configuration tools
Summary
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP.
Severity ?
6.2 (Medium)
CWE
- CWE-549 - Missing Password Field Masking
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | EtherNet/IP Configuration tool for RJ71EIP91 SW1DNN-EIPCT-BD |
Affected:
Software version "1.01B" and prior
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:20.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2062",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:40.253808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:15.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EtherNet/IP Configuration tool for RJ71EIP91 SW1DNN-EIPCT-BD",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Software version \"1.01B\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EtherNet/IP Configuration tool for FX5-ENET/IP SW1DNN-EIPCTFX5-BD",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "Software version \"1.01B\" and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP."
}
],
"value": "Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-549",
"description": "CWE-549 Missing Password Field Masking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T22:37:13.620Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure vulnerability in EtherNet/IP Configuration tools",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2062",
"datePublished": "2023-06-02T04:04:28.648Z",
"dateReserved": "2023-04-14T08:44:07.523Z",
"dateUpdated": "2025-03-05T18:58:15.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2061 (GCVE-0-2023-2061)
Vulnerability from cvelistv5 – Published: 2023-06-02 04:03 – Updated: 2025-03-05 18:58
VLAI?
Title
Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP.
Severity ?
6.2 (Medium)
CWE
- CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:36:44.832977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:23.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP."
}
],
"value": "Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:03:36.665Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2061",
"datePublished": "2023-06-02T04:03:36.665Z",
"dateReserved": "2023-04-14T08:44:04.100Z",
"dateUpdated": "2025-03-05T18:58:23.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2060 (GCVE-0-2023-2060)
Vulnerability from cvelistv5 – Published: 2023-06-02 04:02 – Updated: 2025-03-05 18:58
VLAI?
Title
Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Summary
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing.
Severity ?
7.5 (High)
CWE
- CWE-521 - Weak Password Requirements
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:17.820623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:58:31.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series EtherNet/IP module RJ71EIP91",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing."
}
],
"value": "Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T04:02:32.377Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU92908006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-2060",
"datePublished": "2023-06-02T04:02:32.377Z",
"dateReserved": "2023-04-14T08:43:59.259Z",
"dateUpdated": "2025-03-05T18:58:31.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0457 (GCVE-0-2023-0457)
Vulnerability from cvelistv5 – Published: 2023-03-03 04:18 – Updated: 2025-03-05 20:02
VLAI?
Title
Information Disclosure Vulnerability in MELSEC Series
Summary
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server.
Severity ?
7.5 (High)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-F Series FX5U-32MT/ES |
Affected:
all versions
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:10:56.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-023_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU93891523/index.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-061-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T20:02:13.840915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:02:32.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5-ENET",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5-ENET/IP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R00CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R01CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120SFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120PCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120PSFCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series RJ71EN71",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R12CCPU-V",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDECPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q10UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q20UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q50UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q100UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series QJ71E71-100",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-BT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-PBT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series LJ71E71-100",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server."
}
],
"value": "Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-21T04:21:45.500Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-023_en.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU93891523/index.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-061-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure Vulnerability in MELSEC Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2023-0457",
"datePublished": "2023-03-03T04:18:15.787Z",
"dateReserved": "2023-01-24T08:55:21.468Z",
"dateUpdated": "2025-03-05T20:02:32.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16226 (GCVE-0-2020-16226)
Vulnerability from cvelistv5 – Published: 2020-10-05 17:19 – Updated: 2024-09-17 00:25
VLAI?
Title
Mitsubishi Electric Multiple Products
Summary
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- CWE-342 - PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric | QJ71MES96 |
Affected:
all versions
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2020-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:37:54.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QJ71MES96",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71WS96",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q06CCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q24DHCCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q24DHCCPU-VG",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "R12CCPU-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD55UP06-V,",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "D55UP12-V",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RJ71GN11-T2",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RJ71EN71",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71E71-100",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "LJ71E71-100",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "QJ71MT91",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78Gn(n=4,8,16,32,64)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78GHV",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RD78GHW",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2GACP620-60",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2GACP620-300",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2FT-MT",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "NZ2FT-EIP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "Q03UDECPU",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22081 and prior"
}
]
},
{
"product": "QnUDEHCPU(n=04/06/10/13/20/26/50/100)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22081 and prior"
}
]
},
{
"product": "QnUDVCPU(n=03/04/06/13/26)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22031 and prior"
}
]
},
{
"product": "QnUDPVCPU(n=04/06/13/2)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22031 and prior"
}
]
},
{
"product": "LnCPU(-P)(n=02/06/26)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22051 and prior"
}
]
},
{
"product": "L26CPU-(P)BT",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "the first 5 digits of serial number 22051 and prior"
}
]
},
{
"product": "RnCPU(n=00/01/02)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 18 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnCPU(n=04/08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 50 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnENCPU(n=04/08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 50 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "RnSFCPU (n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RnPCPU(n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "RnPSFCPU(n=08/16/32/120)",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5U(C)-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Serial number 17X**** or later: Version 1.210 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "Serial number 179**** and prior: Version 1.070 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FX5UC-32M*/**-TS",
"vendor": "Mitsubishi Electric",
"versions": [
{
"lessThan": "Version 1.210 and prior",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "FX5UJ-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Version 1.000"
}
]
},
{
"product": "FX5-ENET",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5-ENET/IP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-ADP",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3GE-**M*/**",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-L",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX3U-ENET-P502",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FX5-CCLGN-MS",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "IU1-1M20-D",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "LE7-40GU-L",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GOT2000 Series GT21 Model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GS Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GOT1000 Series GT14 Model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "GT25-J71GN13-T2",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-A800-E Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-F800-E Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "FR-A8NCG",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date August 2020 and prior"
}
]
},
{
"product": "FR-E800-EPA Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date July 2020 and prior"
}
]
},
{
"product": "FR-E800-EPB Series",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Production date July 2020 and prior"
}
]
},
{
"product": "Conveyor Tracking Application",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "APR-nTR3FH all versions"
},
{
"status": "affected",
"version": "APR-nTR6FH all versions"
},
{
"status": "affected",
"version": "APR-nTR12FH all versions"
},
{
"status": "affected",
"version": "APR-nTR20FH(n=1,2) all versions"
}
]
},
{
"product": "MR-JE-C",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "MR-J4-TM",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"datePublic": "2020-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-342",
"description": "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-05T17:19:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
],
"source": {
"advisory": "ICSA-20-245-01",
"discovery": "UNKNOWN"
},
"title": "Mitsubishi Electric Multiple Products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2020-09-01T16:00:00.000Z",
"ID": "CVE-2020-16226",
"STATE": "PUBLIC",
"TITLE": "Mitsubishi Electric Multiple Products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QJ71MES96",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71WS96",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q06CCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q24DHCCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q24DHCCPU-VG",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "R12CCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD55UP06-V,",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "D55UP12-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RJ71GN11-T2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RJ71EN71",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71E71-100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "LJ71E71-100",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "QJ71MT91",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78Gn(n=4,8,16,32,64)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78GHV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RD78GHW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2GACP620-60",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2GACP620-300",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2FT-MT",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "NZ2FT-EIP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "Q03UDECPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22081 and prior"
}
]
}
},
{
"product_name": "QnUDEHCPU(n=04/06/10/13/20/26/50/100)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22081 and prior"
}
]
}
},
{
"product_name": "QnUDVCPU(n=03/04/06/13/26)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22031 and prior"
}
]
}
},
{
"product_name": "QnUDPVCPU(n=04/06/13/2)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22031 and prior"
}
]
}
},
{
"product_name": "LnCPU(-P)(n=02/06/26)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22051 and prior"
}
]
}
},
{
"product_name": "L26CPU-(P)BT",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "the first 5 digits of serial number 22051 and prior"
}
]
}
},
{
"product_name": "RnCPU(n=00/01/02)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 18 and prior"
}
]
}
},
{
"product_name": "RnCPU(n=04/08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 50 and prior"
}
]
}
},
{
"product_name": "RnENCPU(n=04/08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 50 and prior"
}
]
}
},
{
"product_name": "RnSFCPU (n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RnPCPU(n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "RnPSFCPU(n=08/16/32/120)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5U(C)-**M*/**",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Serial number 17X**** or later: Version 1.210 and prior"
},
{
"version_affected": "\u003c",
"version_value": "Serial number 179**** and prior: Version 1.070 and prior"
}
]
}
},
{
"product_name": "FX5UC-32M*/**-TS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Version 1.210 and prior"
}
]
}
},
{
"product_name": "FX5UJ-**M*/**",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Version 1.000"
}
]
}
},
{
"product_name": "FX5-ENET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5-ENET/IP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-ADP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3GE-**M*/**",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX3U-ENET-P502",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FX5-CCLGN-MS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "IU1-1M20-D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "LE7-40GU-L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GOT2000 Series GT21 Model",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GS Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GOT1000 Series GT14 Model",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "GT25-J71GN13-T2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-A800-E Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-F800-E Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "FR-A8NCG",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date August 2020 and prior"
}
]
}
},
{
"product_name": "FR-E800-EPA Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date July 2020 and prior"
}
]
}
},
{
"product_name": "FR-E800-EPB Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Production date July 2020 and prior"
}
]
}
},
{
"product_name": "Conveyor Tracking Application",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "APR-nTR3FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR6FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR12FH",
"version_value": "all versions"
},
{
"version_affected": "=",
"version_name": "APR-nTR20FH(n=1,2)",
"version_value": "all versions"
}
]
}
},
{
"product_name": "MR-JE-C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "MR-J4-TM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
}
]
},
"source": {
"advisory": "ICSA-20-245-01",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-16226",
"datePublished": "2020-10-05T17:19:17.358Z",
"dateReserved": "2020-07-31T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:25:38.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}