VYPR

MELSEC iQ-R Series

by Mitsubishielectric

CVEs (27)

  • CVE-2023-4699CriNov 6, 2023
    risk 0.65cvss 10.0epss 0.01

    Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC…

  • CVE-2023-1424CriMay 24, 2023
    risk 0.65cvss 10.0epss 0.03

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or…

  • CVE-2020-5656CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.03

    Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are…

  • CVE-2020-5653CriNov 2, 2020
    risk 0.64cvss 9.8epss 0.03

    Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or…

  • CVE-2025-15080HigFeb 5, 2026
    risk 0.57cvss epss 0.01

    Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in…

  • CVE-2022-40265HigNov 30, 2022
    risk 0.56cvss 8.6epss 0.01

    Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote…

  • CVE-2025-7731HigSep 1, 2025
    risk 0.49cvss 7.5epss 0.00

    Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to obtain credential information by intercepting SLMP communication messages, and read or write the device…

  • CVE-2023-2846HigJun 30, 2023
    risk 0.49cvss 7.5epss 0.01

    Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets.

  • CVE-2023-0457HigMar 3, 2023
    risk 0.49cvss 7.5epss 0.01

    Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP…

  • CVE-2022-33324HigDec 23, 2022
    risk 0.49cvss 7.5epss 0.02

    Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi…

  • CVE-2021-20611HigDec 1, 2021
    risk 0.49cvss 7.5epss 0.03

    Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series…

  • CVE-2021-20610HigDec 1, 2021
    risk 0.49cvss 7.5epss 0.03

    Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series…

  • CVE-2021-20609HigDec 1, 2021
    risk 0.49cvss 7.5epss 0.03

    Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R…

  • CVE-2020-16850HigNov 30, 2020
    risk 0.49cvss 7.5epss 0.02

    Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is…

  • CVE-2020-5668HigNov 20, 2020
    risk 0.49cvss 7.5epss 0.05

    Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version…

  • CVE-2020-5658HigNov 2, 2020
    risk 0.49cvss 7.5epss 0.03

    Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number…

  • CVE-2020-5655HigNov 2, 2020
    risk 0.49cvss 7.5epss 0.03

    NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number…

  • CVE-2020-5654HigNov 2, 2020
    risk 0.49cvss 7.5epss 0.03

    Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or…

  • CVE-2020-5652HigNov 2, 2020
    risk 0.49cvss 7.5epss 0.04

    Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier,…

  • CVE-2020-13238HigJun 10, 2020
    risk 0.49cvss 7.5epss 0.03

    Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is…

Page 1 of 2