QID 590711

QID 590711: Mitsubishi Electric Factory Automation Engineering Software Products Multiple Vulnerabilities (ICSA-20-182-02)

AFFECTED PRODUCTS
The following versions of Factory Automation engineering software products are affected:
CPU Module Logging Configuration Tool, Versions 1.94Y and prior
CW Configurator, Versions 1.010L and prior
EM Software Development Kit (EM Configurator), Versions 1.010L and prior
GT Designer3 (GOT2000), Versions 1.221F and prior
GX LogViewer, Versions 1.96A and prior
GX Works2, Versions 1.586L and prior
GX Works3, Versions 1.058L and prior
M_CommDTM-HART, Version 1.00A
M_CommDTM-IO-Link, Versions 1.02C and prior
MELFA-Works, Versions 4.3 and prior
MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool, Versions 1.004E and prior
MELSOFT FieldDeviceConfigurator, Versions 1.03D and prior
MELSOFT iQ AppPortal, Versions 1.11M and prior
MELSOFT Navigator, Versions 2.58L and prior
MI Configurator, Versions 1.003D and prior
Motion Control Setting, Versions 1.005F and prior
MR Configurator2, Versions 1.72A and prior
MT Works2, Versions 1.156N and prior
RT ToolBox2, Versions 3.72A and prior
RT ToolBox3, Versions 1.50C and prior

QID Detection Logic (Authenticated):
QID checks for the vulnerable version of using passive scanning.

Successful exploitation of these vulnerabilities could allow a local attacker to send files outside of the system as well as cause a denial-of-service condition.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5 severity.
Solution

Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-20-182-02 for affected packages and patching details.

Vendor References

CVEs related to QID 590711

Software Advisories
Advisory ID Software Component Link
ICSA-20-182-02 www.us-cert.gov/ics/advisories/ICSA-20-182-02