Summary
Detail | |||
---|---|---|---|
Vendor | Mitsubishielectric | First view | 2023-06-30 |
Product | fx3s-14mr/Es Firmware | Last view | 2023-11-06 |
Version | - | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:mitsubishielectric:fx3s-14mr/es_firmware |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.1 | 2023-11-06 | CVE-2023-4699 | Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets. |
9.1 | 2023-10-13 | CVE-2023-4562 | Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. |
9.1 | 2023-06-30 | CVE-2023-2846 | Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-345 | Insufficient Verification of Data Authenticity |
33% (1) | CWE-294 | Authentication Bypass by Capture-replay |
33% (1) | CWE-287 | Improper Authentication |