QID 590649
Date Published: 2022-03-17
QID 590649: Mitsubishi Electric MELSEC and MELIPC Series Multiple Vulnerabilities (ICSA-21-334-02)
AFFECTED PRODUCTS
The following versions of MELSEC series CPU modules and MELIPC Series Industrial Computers are affected:
MELSEC iQ-R Series R00/01/02CPU, Firmware: Versions 24 and prior
MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware: Versions 57 and prior
MELSEC iQ-R Series R08/16/32/120SFCPU: All versions
MELSEC iQ-R Series R08/16/32/120PCPU Firmware: Versions 29 and prior
MELSEC iQ-R Series R08/16/32/120PSFCPU: All versions
MELSEC iQ-R Series R16/32/64MTCPU: All versions
MELSEC iQ-R Series R12CCPU-V: All versions
MELSEC Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: All versions
MELSEC Q Series Q03/04/06/13/26UDVCPU: The first 5 digits of serial No. 23071 and prior
MELSEC Q Series Q04/06/13/26UDPVCPU: The first 5 digits of serial No. 23071 and prior
MELSEC Q Series Q12DCCPU-V, Q24DHCCPU-V(G), Q24/26DHCCPU-LS: All versions
MELSEC Q Series MR-MQ100: All versions
MELSEC Q Series Q172/173DCPU-S1, Q172/172DSCPU: All versions
MELSEC Q Series Q170MCPU, Q170MSCPU(-S1): All versions
MELSEC L Series L02/06/26CPU(-P), L26CPU-(P)BT: All versions
MELIPC Series MI5122-VW: All versions
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning
Successful exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. A system reset is required for recovery.
Customers are advised to refer to CERT MITIGATIONS section ICSA-21-334-02 for affected packages and patching details.
- ICSA-21-334-02 -
www.us-cert.gov/ics/advisories/ICSA-21-334-02
CVEs related to QID 590649
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ICSA-21-334-02 |
www.us-cert.gov/ics/advisories/ICSA-21-334-02 |