Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for qj71e71-100 by mitsubishielectric

    VAR-201702-0077

    Vulnerability from variot - Updated: 2025-04-20 23:34

    An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC. Using incomplete or dangerous encryption algorithms (CWE-327) - CVE-2016-8370 The password included in the communication data is encrypted with a weak encryption algorithm. Inappropriate restrictions on external operations (CWE-412) - CVE-2016-8368 Port by remote third party 5002/TCP via PLC Resulting in service disruption (DoS) There is a possibility of being attacked.A password may be obtained by a remote party or service operation may be interrupted (DoS) There is a possibility of being attacked. Mitsubishi Electric is a Japanese company. An attacker exploits a vulnerability to perform an unauthorized operation

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0077",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "electric qj71e71-100",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "electric qj71e71-b2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "electric qj71e71-b5",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 100",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 b5",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 b2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-b2_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-b5_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vladimir Dashchenko of Critical Infrastructure Defense Team",
        "sources": [
          {
            "db": "BID",
            "id": "94632"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-8370",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-8370",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2016-007661",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-11833",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e9b21e03-b557-44eb-b380-01d11c51c00c",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-97190",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-8370",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2016-007661",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-8370",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2016-007661",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-11833",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-463",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e9b21e03-b557-44eb-b380-01d11c51c00c",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-97190",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC. Using incomplete or dangerous encryption algorithms (CWE-327) - CVE-2016-8370 The password included in the communication data is encrypted with a weak encryption algorithm. Inappropriate restrictions on external operations (CWE-412) - CVE-2016-8368 Port by remote third party 5002/TCP via PLC Resulting in service disruption (DoS) There is a possibility of being attacked.A password may be obtained by a remote party or service operation may be interrupted (DoS) There is a possibility of being attacked. Mitsubishi Electric is a Japanese company. An attacker exploits a vulnerability to perform an unauthorized operation",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-8370",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-336-03",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "94632",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU99901500",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E9B21E03-B557-44EB-B380-01D11C51C00C",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "id": "VAR-201702-0077",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          }
        ],
        "trust": 1.7055555333333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:34:29.489000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u4e09\u83f1\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
            "trust": 0.8,
            "url": "http://jvn.jp/vu/JVNVU99901500/479518/index.html"
          },
          {
            "title": "Multiple Mitsubishi Electric MELSEC-Q series products have patches for security bypass vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/84929"
          },
          {
            "title": "Multiple Mitsubishi Electric Automation MELSEC-Q Repair measures for series product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67753"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-327",
            "trust": 1.9
          },
          {
            "problemtype": "CWE-399",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-412",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-336-03"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/94632"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8370"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8368"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu99901500/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8370"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8368"
          },
          {
            "trust": 0.3,
            "url": "http://www.mrslim.com/home.asp"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-12-05T00:00:00",
            "db": "IVD",
            "id": "e9b21e03-b557-44eb-b380-01d11c51c00c"
          },
          {
            "date": "2016-12-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "date": "2017-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "date": "2016-12-01T00:00:00",
            "db": "BID",
            "id": "94632"
          },
          {
            "date": "2017-03-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "date": "2017-02-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "date": "2017-02-13T21:59:01.220000",
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-12-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11833"
          },
          {
            "date": "2017-03-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97190"
          },
          {
            "date": "2016-12-20T00:06:00",
            "db": "BID",
            "id": "94632"
          },
          {
            "date": "2017-04-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "date": "2021-05-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2016-8370"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mitsubishi Electric  MELSEC-Q Series  Ethernet Multiple vulnerabilities in interface module",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-463"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201702-0075

    Vulnerability from variot - Updated: 2025-04-20 23:34

    An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock. Using incomplete or dangerous encryption algorithms (CWE-327) - CVE-2016-8370 The password included in the communication data is encrypted with a weak encryption algorithm. Inappropriate restrictions on external operations (CWE-412) - CVE-2016-8368 Port by remote third party 5002/TCP via PLC Resulting in service disruption (DoS) There is a possibility of being attacked.A password may be obtained by a remote party or service operation may be interrupted (DoS) There is a possibility of being attacked. Mitsubishi Electric is a Japanese company. An attacker exploiting a vulnerability can result in a denial of service condition. Attackers can exploit these issues to perform unauthorized actions or cause denial-of-service conditions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0075",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "electric qj71e71-100",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "electric qj71e71-b2",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "electric qj71e71-b5",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "mitsubishi",
            "version": "0"
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "of"
          },
          {
            "model": "qj71e71-b2",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": "qj71e71-b5",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "mitsubishi electric",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 100",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 b5",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "qj71e71 b2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-b2_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-b5_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vladimir Dashchenko of Critical Infrastructure Defense Team",
        "sources": [
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2016-8368",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-8368",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2016-007661",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-11832",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-97188",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-8368",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2016-007661",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-8368",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2016-007661",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-11832",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201612-009",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-97188",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock. Using incomplete or dangerous encryption algorithms (CWE-327) - CVE-2016-8370 The password included in the communication data is encrypted with a weak encryption algorithm. Inappropriate restrictions on external operations (CWE-412) - CVE-2016-8368 Port by remote third party 5002/TCP via PLC Resulting in service disruption (DoS) There is a possibility of being attacked.A password may be obtained by a remote party or service operation may be interrupted (DoS) There is a possibility of being attacked. Mitsubishi Electric is a Japanese company. An attacker exploiting a vulnerability can result in a denial of service condition. \nAttackers can exploit these issues to perform unauthorized  actions or cause  denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-8368",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-336-03",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "94632",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU99901500",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "218C8DDF-AE70-4D34-AB2C-7271D1A5A80F",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "id": "VAR-201702-0075",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          }
        ],
        "trust": 1.7055555333333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:34:29.448000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u4e09\u83f1\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
            "trust": 0.8,
            "url": "http://jvn.jp/vu/JVNVU99901500/479518/index.html"
          },
          {
            "title": "Patches for multiple service violations in multiple Mitsubishi Electric MELSEC-Q series products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/84928"
          },
          {
            "title": "Mitsubishi Electric MELSEC-Q Series Product Security Bypass Vulnerabilities and Remediation Measures for Denial of Service Vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65991"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-662",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-399",
            "trust": 0.9
          },
          {
            "problemtype": "CWE-412",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-327",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-336-03"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/94632"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8370"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8368"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu99901500/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8370"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8368"
          },
          {
            "trust": 0.3,
            "url": "http://www.mrslim.com/home.asp"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "db": "BID",
            "id": "94632"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-12-05T00:00:00",
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "date": "2016-12-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "date": "2017-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "date": "2016-12-01T00:00:00",
            "db": "BID",
            "id": "94632"
          },
          {
            "date": "2017-03-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "date": "2016-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "date": "2017-02-13T21:59:01.173000",
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-01-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11832"
          },
          {
            "date": "2017-03-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97188"
          },
          {
            "date": "2016-12-20T00:06:00",
            "db": "BID",
            "id": "94632"
          },
          {
            "date": "2017-04-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          },
          {
            "date": "2021-09-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2016-8368"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mitsubishi Electric  MELSEC-Q Series  Ethernet Multiple vulnerabilities in interface module",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007661"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Resource management error",
        "sources": [
          {
            "db": "IVD",
            "id": "218c8ddf-ae70-4d34-ab2c-7271d1a5a80f"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201612-009"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201905-1060

    Vulnerability from variot - Updated: 2024-11-23 22:21

    In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition. Provided by Mitsubishi Electric Corporation MELSEC-Q Series Ethernet Interface unit FTP Functions include service disruption (DoS) (CWE-400) Vulnerabilities exist. The Mitsubishi Electric MELSEC-QseriesEthernetmoduleQJ71E71-100 is an Ethernet module from Japan's Mitsubishi Electric. A remote denial of service vulnerability exists in MitsubishiElectricMELSEC-QSeriesPLCs that could allow an attacker to cause a denial of service. Mitsubishi Electric MELSEC-Q Series PLCs are prone to an remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. The following MELSEC-Q series PLCs are affected: QJ71E71-100 serial number 20121 and prior. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1060",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qj71e71-100",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "20121"
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "mitsubishi electric",
            "version": "( above the serial number  5 digits  20121 previous version )"
          },
          {
            "model": "electric melsec-q series plcs j71e71-100 serial number",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "mitsubishi",
            "version": "\u003c=20121"
          },
          {
            "model": "electric qj71e71-100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mitsubishi",
            "version": "20121"
          },
          {
            "model": "electric qj71e71-100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mitsubishi",
            "version": "18072"
          },
          {
            "model": "electric qj71e71-100",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mitsubishi",
            "version": "20122"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "BID",
            "id": "108419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:mitsubishielectric:qj71e71-100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Younes Dragoni and Alessandro Di Pinto of Nozomi Networks,Younes Dragoni and Alessandro Di Pinto of Nozomi Networks reported this vulnerability to Mitsubishi and NCCIC.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-10977",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10977",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-003963",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-16527",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-142577",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10977",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "IPA",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-003963",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10977",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2019-003963",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-16527",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-839",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-142577",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition. Provided by Mitsubishi Electric Corporation MELSEC-Q Series Ethernet Interface unit FTP Functions include service disruption (DoS) (CWE-400) Vulnerabilities exist. The Mitsubishi Electric MELSEC-QseriesEthernetmoduleQJ71E71-100 is an Ethernet module from Japan\u0027s Mitsubishi Electric. A remote denial of service vulnerability exists in MitsubishiElectricMELSEC-QSeriesPLCs that could allow an attacker to cause a denial of service. Mitsubishi Electric MELSEC-Q Series PLCs are prone to an remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. \nThe following MELSEC-Q series PLCs are affected:\nQJ71E71-100 serial number 20121 and prior. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "BID",
            "id": "108419"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10977",
            "trust": 3.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-19-141-02",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "108419",
            "trust": 2.6
          },
          {
            "db": "JVN",
            "id": "JVNVU93268101",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.1867",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "db": "BID",
            "id": "108419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "id": "VAR-201905-1060",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          }
        ],
        "trust": 1.575
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:37.107000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "\u304a\u554f\u3044\u5408\u308f\u305b | \u4e09\u83f1\u96fb\u6a5f FA",
            "trust": 0.8,
            "url": "https://www.mitsubishielectric.co.jp/fa/support/purchase/index.html"
          },
          {
            "title": "Patch for MitsubishiElectricMELSEC-QSeriesPLCs Remote Denial of Service Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/163035"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-400",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-755",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "http://www.securityfocus.com/bid/108419"
          },
          {
            "trust": 2.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-141-02"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10977"
          },
          {
            "trust": 0.9,
            "url": "http://www.mitsubishi-automation.com/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10977"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu93268101/"
          },
          {
            "trust": 0.6,
            "url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-10977"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.1867/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "db": "BID",
            "id": "108419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "db": "BID",
            "id": "108419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "date": "2019-05-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "date": "2019-05-21T00:00:00",
            "db": "BID",
            "id": "108419"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "date": "2019-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "date": "2019-05-23T14:29:07.610000",
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-16527"
          },
          {
            "date": "2020-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142577"
          },
          {
            "date": "2019-05-21T00:00:00",
            "db": "BID",
            "id": "108419"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          },
          {
            "date": "2024-11-21T04:20:16.957000",
            "db": "NVD",
            "id": "CVE-2019-10977"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Made by Mitsubishi Electric  MELSEC-Q series  Ethernet Service operation interruption in the interface unit (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003963"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-839"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-0395

    Vulnerability from variot - Updated: 2024-11-23 21:51

    Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. of multiple Mitsubishi Electric products TCP A vulnerability in session management exists in the protocol stack. This vulnerability information is provided by the developer for the purpose of dissemination to product users. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Mitsubishi Electric gt14 model是日本三菱电机(Mitsubishi Electric)公司的一个用于工业生产过程中提供人机交互界面的设备. Mitsubishi Electric 多个产品存在命令执行漏洞,该漏洞允许攻击者冒充合法设备,从而使攻击者能够远程执行任意命令。以下产品和版本受到影响:QJ71MES96 all versions,QJ71WS96 all versions,Q06CCPU-V all versions,Q24DHCCPU-V all versions,Q24DHCCPU-VG all versions,R12CCPU-V Version 13 and prior,RD55UP06-V Version 09 and prior,RD55UP12-V Version 01,RJ71GN11-T2 Version 11 and prior,RJ71EN71 all versions,QJ71E71-100 all versions,LJ71E71-100 all versions,QJ71MT91 all versions,RD78Gn(n=4,8,16,32,64) all versions,RD78GHV all versions,RD78GHW all versions,NZ2GACP620-60 all versions,NZ2GACP620-300 all versions,NZ2FT-MT all versions,NZ2FT-EIP all versions,Q03UDECPU the first 5 digits of serial number 22081 and prior,QnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior,QnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior,QnUDPVCPU(n=04/06/13/26) the first 5 digits of serial number 22031 and prior,LnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior,L26CPU-(P)BT the first 5 digits of serial number 22051 and prior,RnCPU(n=00/01/02) Version 18 and prior,RnCPU(n=04/08/16/32/120) Version 50 and prior,RnENCPU(n=04/08/16/32/120) Version 50 and prior,RnSFCPU (n=08/16/32/120) Version 22 and prior,RnPCPU(n=08/16/32/120) Version 24 and prior,RnPSFCPU(n=08/16/32/120) Version 05 and prior,FX5U(C)-M*/,FX5UC-32M/-TS Version 1.210 and prior,FX5UJ-M/ Version 1.000,FX5-ENET Version 1.002 and prior,FX5-ENET/IP Version 1.002 and prior,FX3U-ENET-ADP Version 1.22 and prior,FX3GE-M/* the first 3 digits of serial number 20X and prior,FX3U-ENET Version 1.14 and prior,FX3U-ENET-L Version 1.14 and prior,FX3U-ENET-P502 Version 1.14 and prior,FX5-CCLGN-MS Version 1.000,IU1-1M20-D all versions,LE7-40GU-L all versions,GOT2000 Series GT21 Model all versions,GS Series all versions,GOT1000 Series GT14 Model all versions,GT25-J71GN13-T2 all versions,FR-A800-E Series production date December 2020 and prior,FR-F800-E Series production date December 2020 and prior,FR-A8NCG Production date August 2020 and prior,FR-E800-EPA Series Production date July 2020 and prior,FR-E800-EPB Series Production date July 2020 and prior,Conveyor Tracking Application APR-nTR3FH APR-nTR6FH APR-nTR12FH APR-nTR20FH(n=1,2) all versions (Discontinued product),MR-JE-C all versions,MR-J4-TM all versions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0395",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fr-f842-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rnpsfcpu\\",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "qj71ws96",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-14mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-f860-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "q24dhccpu-v",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-24mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fx3u-enet",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "q24dhccpu-vg",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rnpcpu\\",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "got2000 series gt21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-60mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5-enet-adp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a860-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rd55up06-v",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-40mr\\/ds",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-40mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uc-32mr\\/ds-ts",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.210"
          },
          {
            "model": "got1000 series gt14",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "conveyor tracking application apr-ntr12fh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "rd78ghv",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-f820-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-f840-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "qnudehcpu\\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22081"
          },
          {
            "model": "qnudpvcpu\\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22031"
          },
          {
            "model": "fx5uj-24mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "nz2gacp620-60",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rnsfcpu \\",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rj71en71",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5-enet",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a862-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "qj71e71-100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "mr-j4-tm",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "r12ccpu-v",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "mr-je-c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-40mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-40mt\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fx3g-32 mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "qnudvcpu\\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22031"
          },
          {
            "model": "lj71e71-100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-40mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fx5uc-32mt\\/d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.210"
          },
          {
            "model": "fx5uj-60mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fx3g-14mr\\/ds",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-14mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5-cclgn-ms",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a8ncge",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "2020-08"
          },
          {
            "model": "qj71mt91",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a820-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-60mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fr-e800-epa",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "2020-07"
          },
          {
            "model": "got simple series gs21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-e800-epb",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "2020-07"
          },
          {
            "model": "fx3g-14mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rj71gn11-t2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-40mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "le7-40gu-l",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-40mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "iu1-1m20-d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "nz2gacp620-300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "l26cpu-\\ bt",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22051"
          },
          {
            "model": "nz2ft-mt",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "q06ccpu-v",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-f862-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "conveyor tracking application apr-ntr6fh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "fx3g-24mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rd78gn\\",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-24mr\\/ds",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "lncpu\\ \\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22051"
          },
          {
            "model": "fx3g-60mr\\/ds",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "conveyor tracking application apr-ntr3fh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-24mr\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "conveyor tracking application apr-ntr20fh\\",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": null
          },
          {
            "model": "fx3u-enet-l",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a842-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fr-a840-e",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-60mt\\/ess",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rd78ghw",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uc-32mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.210"
          },
          {
            "model": "rncpu\\ t",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "18"
          },
          {
            "model": "fx3u-enet-p502",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "gt25-j71gn13-t2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uc-32mt\\/ds-ts",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.210"
          },
          {
            "model": "q03udecpu",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "22081"
          },
          {
            "model": "fx5uj-60mt\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "fx5uc-32mt\\/dss-ts",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.210"
          },
          {
            "model": "fx5-enet\\/ip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx3g-60mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rncpu\\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "50"
          },
          {
            "model": "fx3g-24mt\\/dss",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "rnencpu\\",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "50"
          },
          {
            "model": "qj71mes96",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "fx5uj-24mt\\/es",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "1.000"
          },
          {
            "model": "rd55up12-v",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "nz2ft-eip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mitsubishielectric",
            "version": "*"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "(multiple products)"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * ac the servo  melservo"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * lossnay central ventilation system"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * display  got"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": null
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * air conditioning control system  / centralized controller"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * air conditioning control system  / expansion controller"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * energy measurement unit"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "affected products    s vary widely. for more information, please check the information provided by the developer."
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * range hood fan"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * data collection analyzer  melqic"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * hems compatible adapter, lan adapter"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * air conditioning control system  / bm adapter"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * room air conditioner"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * bath drying/heating/ventilation system"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * solar power system color monitor eco guide"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * ventilation fan for duct"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * tension controller"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * inverter  freqrol"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * mitsubishi energy saving dem  monitoring server  e-energy"
          },
          {
            "model": "\uff08\u8907\u6570\u306e\u88fd\u54c1\uff09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u4e09\u83f1\u96fb\u6a5f",
            "version": "it was * robot  melfa"
          },
          {
            "model": "melsec iq-f",
            "scope": null,
            "trust": 0.7,
            "vendor": "mitsubishi electric",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ta-Lun Yen of TXOne IoT/ICS Security Research Labs (Trend Micro)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2020-16226",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-16226",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-16226",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 7.3,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2020-16226",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-16226",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-16226",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-16226",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2020-16226",
                "trust": 0.7,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202009-074",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-16226",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. of multiple Mitsubishi Electric products TCP A vulnerability in session management exists in the protocol stack. This vulnerability information is provided by the developer for the purpose of dissemination to product users. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Mitsubishi Electric gt14 model\u662f\u65e5\u672c\u4e09\u83f1\u7535\u673a\uff08Mitsubishi Electric\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7528\u4e8e\u5de5\u4e1a\u751f\u4ea7\u8fc7\u7a0b\u4e2d\u63d0\u4f9b\u4eba\u673a\u4ea4\u4e92\u754c\u9762\u7684\u8bbe\u5907. \nMitsubishi Electric \u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u5141\u8bb8\u653b\u51fb\u8005\u5192\u5145\u5408\u6cd5\u8bbe\u5907\uff0c\u4ece\u800c\u4f7f\u653b\u51fb\u8005\u80fd\u591f\u8fdc\u7a0b\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u4ee5\u4e0b\u4ea7\u54c1\u548c\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aQJ71MES96 all versions\uff0cQJ71WS96 all versions\uff0cQ06CCPU-V all versions\uff0cQ24DHCCPU-V all versions\uff0cQ24DHCCPU-VG all versions\uff0cR12CCPU-V Version 13 and prior\uff0cRD55UP06-V Version 09 and prior\uff0cRD55UP12-V Version 01\uff0cRJ71GN11-T2 Version 11 and prior\uff0cRJ71EN71 all versions\uff0cQJ71E71-100 all versions\uff0cLJ71E71-100 all versions\uff0cQJ71MT91 all versions\uff0cRD78Gn(n=4,8,16,32,64) all versions\uff0cRD78GHV all versions\uff0cRD78GHW all versions\uff0cNZ2GACP620-60 all versions\uff0cNZ2GACP620-300 all versions\uff0cNZ2FT-MT all versions\uff0cNZ2FT-EIP all versions\uff0cQ03UDECPU the first 5 digits of serial number 22081 and prior\uff0cQnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior\uff0cQnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior\uff0cQnUDPVCPU(n=04/06/13/26) the first 5 digits of serial number 22031 and prior\uff0cLnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior\uff0cL26CPU-(P)BT the first 5 digits of serial number 22051 and prior\uff0cRnCPU(n=00/01/02) Version 18 and prior\uff0cRnCPU(n=04/08/16/32/120) Version 50 and prior\uff0cRnENCPU(n=04/08/16/32/120) Version 50 and prior\uff0cRnSFCPU (n=08/16/32/120) Version 22 and prior\uff0cRnPCPU(n=08/16/32/120) Version 24 and prior\uff0cRnPSFCPU(n=08/16/32/120) Version 05 and prior\uff0cFX5U(C)-**M*/**\uff0cFX5UC-32M*/**-TS Version 1.210 and prior\uff0cFX5UJ-**M*/** Version 1.000\uff0cFX5-ENET Version 1.002 and prior\uff0cFX5-ENET/IP Version 1.002 and prior\uff0cFX3U-ENET-ADP Version 1.22 and prior\uff0cFX3GE-**M*/** the first 3 digits of serial number 20X and prior\uff0cFX3U-ENET Version 1.14 and prior\uff0cFX3U-ENET-L Version 1.14 and prior\uff0cFX3U-ENET-P502 Version 1.14 and prior\uff0cFX5-CCLGN-MS Version 1.000\uff0cIU1-1M20-D all versions\uff0cLE7-40GU-L all versions\uff0cGOT2000 Series GT21 Model all versions\uff0cGS Series all versions\uff0cGOT1000 Series GT14 Model all versions\uff0cGT25-J71GN13-T2 all versions\uff0cFR-A800-E Series production date December 2020 and prior\uff0cFR-F800-E Series production date December 2020 and prior\uff0cFR-A8NCG Production date August 2020 and prior\uff0cFR-E800-EPA Series Production date July 2020 and prior\uff0cFR-E800-EPB Series Production date July 2020 and prior\uff0cConveyor Tracking Application APR-nTR3FH APR-nTR6FH APR-nTR12FH APR-nTR20FH(n=1,2) all versions (Discontinued product)\uff0cMR-JE-C all versions\uff0cMR-J4-TM all versions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226"
          }
        ],
        "trust": 2.88
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-16226",
            "trust": 3.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-245-01",
            "trust": 2.5
          },
          {
            "db": "JVN",
            "id": "JVNVU93926439",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-10966",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-20-1207",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3041",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.4767",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "id": "VAR-202010-0395",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.41666666
      },
      "last_update_date": "2024-11-23T21:51:16.463000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "of our products TCP Spoofing Vulnerability in Protocol Stack",
            "trust": 0.8,
            "url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-009.pdf"
          },
          {
            "title": "Mitsubishi Electric has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
          },
          {
            "title": "mitsubishielectric Fixes for remote command execution vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=127702"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-342",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.8,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu93926439/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3041/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16226"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.4767"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/342.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-245-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "date": "2020-10-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "date": "2020-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "date": "2020-09-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "date": "2020-10-05T18:15:13.133000",
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "ZDI",
            "id": "ZDI-20-1207"
          },
          {
            "date": "2020-10-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-16226"
          },
          {
            "date": "2022-09-26T08:55:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          },
          {
            "date": "2022-09-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          },
          {
            "date": "2024-11-21T05:06:58.517000",
            "db": "NVD",
            "id": "CVE-2020-16226"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "of multiple Mitsubishi Electric products \u00a0TCP\u00a0 Session management flaw in protocol stack",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008251"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Command execution",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-074"
          }
        ],
        "trust": 0.6
      }
    }