MELSEC iQ-F Series FX5-ENET

CVEs (7)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-8403	Mitsubishielectric MELSEC iQ-F Series FX5-ENET	Hig	0.49	7.5	0.01	Nov 19, 2024	Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication…
CVE-2023-4699	Mitsubishielectric MELSEC iQ-R Series		0.00	—	0.01	Nov 6, 2023	Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC…
CVE-2023-4625	Mitsubishielectric MELSEC iQ-F Series CPU module		0.00	—	0.00	Nov 6, 2023	Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a…
CVE-2023-1424	Mitsubishielectric MELSEC iQ-F Series CPU module		0.00	—	0.03	May 24, 2023	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or…
CVE-2023-0457	Mitsubishielectric MELSEC iQ-R Series		0.00	—	0.02	Mar 3, 2023	Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP…
CVE-2022-40267	Mitsubishielectric MELSEC iQ-R Series		0.00	—	0.02	Jan 20, 2023	Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC…
CVE-2022-25161	Mitsubishielectric MELSEC iQ-F Series FX5-ENET		0.00	—	0.00	May 18, 2022	Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80,…

CVE-2024-8403HigNov 19, 2024
Mitsubishielectric
MELSEC iQ-F Series FX5-ENET
risk 0.49cvss 7.5epss 0.01
Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication…
CVE-2023-4699Nov 6, 2023
Mitsubishielectric
MELSEC iQ-R Series
risk 0.00cvss —epss 0.01
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC…
CVE-2023-4625Nov 6, 2023
Mitsubishielectric
MELSEC iQ-F Series CPU module
risk 0.00cvss —epss 0.00
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a…
CVE-2023-1424May 24, 2023
Mitsubishielectric
MELSEC iQ-F Series CPU module
risk 0.00cvss —epss 0.03
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or…
CVE-2023-0457Mar 3, 2023
Mitsubishielectric
MELSEC iQ-R Series
risk 0.00cvss —epss 0.02
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP…
CVE-2022-40267Jan 20, 2023
Mitsubishielectric
MELSEC iQ-R Series
risk 0.00cvss —epss 0.02
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC…
CVE-2022-25161May 18, 2022
Mitsubishielectric
MELSEC iQ-F Series FX5-ENET
risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80,…