Summary
| Detail | |||
|---|---|---|---|
| Vendor | Mitsubishielectric | First view | 2023-06-30 |
| Product | fx3s-14mr/Es Firmware | Last view | 2023-11-06 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:mitsubishielectric:fx3s-14mr/es_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.1 | 2023-11-06 | CVE-2023-4699 | Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets. |
| 9.1 | 2023-10-13 | CVE-2023-4562 | Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. |
| 9.1 | 2023-06-30 | CVE-2023-2846 | Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-345 | Insufficient Verification of Data Authenticity |
| 33% (1) | CWE-294 | Authentication Bypass by Capture-replay |
| 33% (1) | CWE-287 | Improper Authentication |
