CVE-2016-8368

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2016-8368
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2017-02-13 21:59:00 UTC
Updated2021-09-13 11:15:00 UTC
DescriptionAn issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock.

Risk And Classification

Problem Types: CWE-662

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Mitsubishielectric Qj71e71-100 - All All All
Operating System Mitsubishielectric Qj71e71-100 Firmware - All All All
Hardware Mitsubishielectric Qj71e71-b2 - All All All
Operating System Mitsubishielectric Qj71e71-b2 Firmware - All All All
Hardware Mitsubishielectric Qj71e71-b5 - All All All
Operating System Mitsubishielectric Qj71e71-b5 Firmware - All All All
Hardware Mitsubishi Electric Qj71e71-100 - All All All
Hardware Mitsubishi Electric Qj71e71-100 - All All All
Operating System Mitsubishi Electric Qj71e71-100 Firmware - All All All
Operating System Mitsubishi Electric Qj71e71-100 Firmware - All All All
Hardware Mitsubishi Electric Qj71e71-b2 - All All All
Hardware Mitsubishi Electric Qj71e71-b2 - All All All
Operating System Mitsubishi Electric Qj71e71-b2 Firmware - All All All
Operating System Mitsubishi Electric Qj71e71-b2 Firmware - All All All
Hardware Mitsubishi Electric Qj71e71-b5 - All All All
Hardware Mitsubishi Electric Qj71e71-b5 - All All All
Operating System Mitsubishi Electric Qj71e71-b5 Firmware - All All All
Operating System Mitsubishi Electric Qj71e71-b5 Firmware - All All All

References

ReferenceSourceLinkTags
Multiple Mitsubishi Electric MELSEC-Q Series Security Bypass and Denial of Service Vulnerabilities BID www.securityfocus.com Third Party Advisory, VDB Entry
Mitsubishi Electric MELSEC-Q Series Ethernet Interface Module Vulnerabilities | ICS-CERT MISC ics-cert.us-cert.gov Mitigation, Third Party Advisory, US Government Resource
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 590636 Mitsubishi Electric MELSEC-Q Series Ethernet Interface Module Multiple Vulnerabilities (ICSA-16-336-03)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report