Unrated severityNVD Advisory· Published Feb 13, 2024· Updated Aug 2, 2024
CVE-2023-6815
CVE-2023-6815
Description
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- Range: all versions
- Range: all versions
all versions+ 3 more
- (no CPE)range: all versions
- (no CPE)range: all versions
- (no CPE)range: all versions
- (no CPE)range: all versions
- Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R08PSFCPUv5Range: all versions
- Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R120PSFCPUv5Range: all versions
- Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R16PSFCPUv5Range: all versions
- Mitsubishi Electric Corporation/MELSEC iQ-R Series SIL2 Process CPU R32PSFCPUv5Range: all versions
Patches
Vulnerability mechanics
References
3- www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-021_en.pdfmitrevendor-advisory
- jvn.jp/vu/JVNVU95085830/index.htmlmitregovernment-resource
- www.cisa.gov/news-events/ics-advisories/icsa-24-044-01mitregovernment-resource
News mentions
0No linked articles in our index yet.