CVE-2023-1424
8.1
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 / Impact: 5.9
Source: NVD
Description
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.
Affected (39)
Products: Mitsubishielectric: Melsec Iq Fx5u 32mr/ds Firmware, Melsec Iq Fx5u 32mr/dss Firmware, Melsec Iq Fx5u 32mr/es Firmware, Melsec Iq Fx5u 32mr/ess Firmware, Melsec Iq Fx5u 32mt/ds Firmware, Melsec Iq Fx5u 32mt/dss Firmware, Melsec Iq Fx5u 32mt/es Firmware, Melsec Iq Fx5u 32mt/ess Firmware, Melsec Iq Fx5u 64mr/ds Firmware, Melsec Iq Fx5u 64mr/dss Firmware, Melsec Iq Fx5u 64mr/es Firmware, Melsec Iq Fx5u 64mr/ess Firmware, Melsec Iq Fx5u 64mt/ds Firmware, Melsec Iq Fx5u 64mt/dss Firmware, Melsec Iq Fx5u 64mt/es Firmware, Melsec Iq Fx5u 64mt/ess Firmware, Melsec Iq Fx5u 80mr/ds Firmware, Melsec Iq Fx5u 80mr/dss Firmware, Melsec Iq Fx5u 80mr/es Firmware, Melsec Iq Fx5u 80mr/ess Firmware, Melsec Iq Fx5u 80mt/ds Firmware, Melsec Iq Fx5u 80mt/dss Firmware, Melsec Iq Fx5u 80mt/es Firmware, Melsec Iq Fx5u 80mt/ess Firmware, Melsec Iq Fx5uc 32mr/dds Firmware, Melsec Iq Fx5uc 32mr/ds Firmware, Melsec Iq Fx5uc 32mr/ds Ts Firmware, Melsec Iq Fx5uc 32mt/dds Firmware, Melsec Iq Fx5uc 32mt/ds Firmware, Melsec Iq Fx5uc 32mt/dss Ts Firmware, Melsec Iq Fx5uc 32mt/ds Ts Firmware, Melsec Iq Fx5uc 64mr/dds Firmware, Melsec Iq Fx5uc 64mr/ds Firmware, Melsec Iq Fx5uc 64mt/dds Firmware, Melsec Iq Fx5uc 64mt/ds Firmware, Melsec Iq Fx5uc 96mr/dds Firmware, Melsec Iq Fx5uc 96mr/ds Firmware, Melsec Iq Fx5uc 96mt/dds Firmware, Melsec Iq Fx5uc 96mt/ds Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mr/ds | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mr/dss | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mr/es | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mr/ess | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mt/ds | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mt/dss | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mt/es | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 32mt/ess | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mr/ds | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mr/dss | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mr/es | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mr/ess | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mt/ds | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mt/dss | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mt/es | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 64mt/ess | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mr/ds | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mr/dss | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mr/es | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mr/ess | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mt/ds | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mt/dss | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mt/es | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5u 80mt/ess | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mr/dds | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mr/ds | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mr/ds Ts | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mt/dds | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mt/ds | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mt/dss Ts | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 32mt/ds Ts | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 64mr/dds | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 64mr/ds | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 64mt/dds | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 64mt/ds | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 96mr/dds | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 96mr/ds | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 96mt/dds | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mitsubishielectric Melsec Iq Fx5uc 96mt/ds | All versions |
References (7)
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Third Party Advisory
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Third Party AdvisoryUS Government Resource
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.