1. EXECUTIVE SUMMARY
- CVSS v3 5.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Mitsubishi Electric Corporation
- Equipment: MELSEC iQ-F Series CPU module
- Vulnerability: Improper Handling of Length Parameter Inconsistency
2. RISK EVALUATION
By sending a specially crafted HTTP request, a remote attacker who successfully exploits this vulnerability could delay the processing of the Web server function and prevent legitimate users from using it.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of MELSEC iQ-F Series CPU module are affected:
- MELSEC iQ-F Series CPU module FX5U-32MT/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-32MT/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-32MT/ESS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-32MT/DSS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-32MR/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-32MR/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MT/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MT/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MT/ESS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MT/DSS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MR/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-64MR/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MT/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MT/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MT/ESS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MT/DSS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MR/ES: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5U-80MR/DS: Versions 1.060 and later
- MELSEC iQ-F Series CPU module FX5UC-32MT/D: Versions 1.060 and later
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article. This article has been indexed from All CISA Advisories.