CVE-2023-1424 - Vulnerability Details - OpenCVE

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.02783.

Exploitation none

Automatable yes

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MT/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MT/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MR/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MR/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MR/ES

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MT/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MT/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MR/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MR/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MR/DS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/ESS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MT/ESS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MT/ESS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-32MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-64MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5U-80MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-32MT/D

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-64MT/D

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-96MT/D

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-32MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-64MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-96MT/DSS

unaffected

Version	Status	Constraints
`Serial number 17X**** or later, versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-32MT/DS-TS

unaffected

Version	Status	Constraints
`versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-32MT/DSS-TS

unaffected

Version	Status	Constraints
`versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-F Series FX5UC-32MR/DS-TS

unaffected

Version	Status	Constraints
`versions from 1.220 to 1.281`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R00CPU

unaffected

Version	Status	Constraints
`versions 35 and prior`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R01CPU

unaffected

Version	Status	Constraints
`versions 35 and prior`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R02CPU

unaffected

Version	Status	Constraints
`versions 35 and prior`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R04CPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R08CPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R16CPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R32CPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R120CPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R04ENCPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R08ENCPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R16ENCPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R32ENCPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R120ENCPU

unaffected

Version	Status	Constraints
`versions from 12 to 68`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R08SFCPU

unaffected

Version	Status	Constraints
`versions from 26 to 31`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R16SFCPU

unaffected

Version	Status	Constraints
`versions from 26 to 31`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R32SFCPU

unaffected

Version	Status	Constraints
`versions from 26 to 31`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R120SFCPU

unaffected

Version	Status	Constraints
`versions from 26 to 31`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R08PCPU

unaffected

Version	Status	Constraints
`versions from 3 to 37`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R16PCPU

unaffected

Version	Status	Constraints
`versions from 3 to 37`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R32PCPU

unaffected

Version	Status	Constraints
`versions from 3 to 37`	affected	—

Mitsubishi Electric Corporation

MELSEC iQ-R Series R120PCPU

unaffected

Version	Status	Constraints
`versions from 3 to 37`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/ds:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/dss:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/es:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/ess:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/ds:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/dss:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/es:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/ess:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/ds:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/dss:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/es:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/ess:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/ds:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/dss:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/es:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/ess:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/ds:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/dss:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/es:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/ess:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/ds:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/dss:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/es:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/ess:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/dds:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds-ts:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/dds:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/dss-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/dss-ts:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds-ts:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\/dds:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\/ds:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\/dds:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\/ds:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\/dds:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\/ds:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\/dds:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\/ds:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors	Products
Mitsubishielectric Subscribe	Melsec Iq-fx5u-32mr\/ds Subscribe Melsec Iq-fx5u-32mr\/ds Firmware Subscribe Melsec Iq-fx5u-32mr\/dss Subscribe Melsec Iq-fx5u-32mr\/dss Firmware Subscribe Melsec Iq-fx5u-32mr\/es Subscribe Melsec Iq-fx5u-32mr\/es Firmware Subscribe Melsec Iq-fx5u-32mr\/ess Subscribe Melsec Iq-fx5u-32mr\/ess Firmware Subscribe Melsec Iq-fx5u-32mt\/ds Subscribe Melsec Iq-fx5u-32mt\/ds Firmware Subscribe Melsec Iq-fx5u-32mt\/dss Subscribe Melsec Iq-fx5u-32mt\/dss Firmware Subscribe Melsec Iq-fx5u-32mt\/es Subscribe Melsec Iq-fx5u-32mt\/es Firmware Subscribe Melsec Iq-fx5u-32mt\/ess Subscribe Melsec Iq-fx5u-32mt\/ess Firmware Subscribe Melsec Iq-fx5u-64mr\/ds Subscribe Melsec Iq-fx5u-64mr\/ds Firmware Subscribe Melsec Iq-fx5u-64mr\/dss Subscribe Melsec Iq-fx5u-64mr\/dss Firmware Subscribe Melsec Iq-fx5u-64mr\/es Subscribe Melsec Iq-fx5u-64mr\/es Firmware Subscribe Melsec Iq-fx5u-64mr\/ess Subscribe Melsec Iq-fx5u-64mr\/ess Firmware Subscribe Melsec Iq-fx5u-64mt\/ds Subscribe Melsec Iq-fx5u-64mt\/ds Firmware Subscribe Melsec Iq-fx5u-64mt\/dss Subscribe Melsec Iq-fx5u-64mt\/dss Firmware Subscribe Melsec Iq-fx5u-64mt\/es Subscribe Melsec Iq-fx5u-64mt\/es Firmware Subscribe Melsec Iq-fx5u-64mt\/ess Subscribe Melsec Iq-fx5u-64mt\/ess Firmware Subscribe Melsec Iq-fx5u-80mr\/ds Subscribe Melsec Iq-fx5u-80mr\/ds Firmware Subscribe Melsec Iq-fx5u-80mr\/dss Subscribe Melsec Iq-fx5u-80mr\/dss Firmware Subscribe Melsec Iq-fx5u-80mr\/es Subscribe Melsec Iq-fx5u-80mr\/es Firmware Subscribe Melsec Iq-fx5u-80mr\/ess Subscribe Melsec Iq-fx5u-80mr\/ess Firmware Subscribe Melsec Iq-fx5u-80mt\/ds Subscribe Melsec Iq-fx5u-80mt\/ds Firmware Subscribe Melsec Iq-fx5u-80mt\/dss Subscribe Melsec Iq-fx5u-80mt\/dss Firmware Subscribe Melsec Iq-fx5u-80mt\/es Subscribe Melsec Iq-fx5u-80mt\/es Firmware Subscribe Melsec Iq-fx5u-80mt\/ess Subscribe Melsec Iq-fx5u-80mt\/ess Firmware Subscribe Melsec Iq-fx5uc-32mr\/dds Subscribe Melsec Iq-fx5uc-32mr\/dds Firmware Subscribe Melsec Iq-fx5uc-32mr\/ds Subscribe Melsec Iq-fx5uc-32mr\/ds-ts Subscribe Melsec Iq-fx5uc-32mr\/ds-ts Firmware Subscribe Melsec Iq-fx5uc-32mr\/ds Firmware Subscribe Melsec Iq-fx5uc-32mt\/dds Subscribe Melsec Iq-fx5uc-32mt\/dds Firmware Subscribe Melsec Iq-fx5uc-32mt\/ds Subscribe Melsec Iq-fx5uc-32mt\/ds-ts Subscribe Melsec Iq-fx5uc-32mt\/ds-ts Firmware Subscribe Melsec Iq-fx5uc-32mt\/ds Firmware Subscribe Melsec Iq-fx5uc-32mt\/dss-ts Subscribe Melsec Iq-fx5uc-32mt\/dss-ts Firmware Subscribe Melsec Iq-fx5uc-64mr\/dds Subscribe Melsec Iq-fx5uc-64mr\/dds Firmware Subscribe Melsec Iq-fx5uc-64mr\/ds Subscribe Melsec Iq-fx5uc-64mr\/ds Firmware Subscribe Melsec Iq-fx5uc-64mt\/dds Subscribe Melsec Iq-fx5uc-64mt\/dds Firmware Subscribe Melsec Iq-fx5uc-64mt\/ds Subscribe Melsec Iq-fx5uc-64mt\/ds Firmware Subscribe Melsec Iq-fx5uc-96mr\/dds Subscribe Melsec Iq-fx5uc-96mr\/dds Firmware Subscribe Melsec Iq-fx5uc-96mr\/ds Subscribe Melsec Iq-fx5uc-96mr\/ds Firmware Subscribe Melsec Iq-fx5uc-96mt\/dds Subscribe Melsec Iq-fx5uc-96mt\/dds Firmware Subscribe Melsec Iq-fx5uc-96mt\/ds Subscribe Melsec Iq-fx5uc-96mt\/ds Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2023-23677	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/vu/JVNVU94650413
https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727

History

Wed, 05 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Mitsubishi

Published: 2023-05-24T04:39:25.040Z

Updated: 2025-03-05T18:59:00.469Z

Reserved: 2023-03-16T02:10:25.722Z

Link: CVE-2023-1424

Vulnrichment

Updated: 2024-08-02T05:49:11.688Z

NVD

Status : Modified

Published: 2023-05-24T05:15:08.780

Modified: 2024-11-21T07:39:09.593

Link: CVE-2023-1424

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-120

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1424", "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "state": "PUBLISHED", "assignerShortName": "Mitsubishi", "dateReserved": "2023-03-16T02:10:25.722Z", "datePublished": "2023-05-24T04:39:25.040Z", "dateUpdated": "2025-03-05T18:59:00.469Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R00CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R01CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R02CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial-of-Service and Remote Code Execution"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "shortName": "Mitsubishi", "dateUpdated": "2024-03-14T09:05:52.848Z"}, "references": [{"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}, {"url": "https://jvn.jp/vu/JVNVU94650413"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}], "source": {"discovery": "UNKNOWN"}, "title": "Denial-of-Service and Remote Code Execution Vulnerability in MELSEC Series CPU module", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/vu/JVNVU94650413", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.688Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-05T18:40:02.709362Z", "id": "CVE-2023-1424", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-05T18:59:00.469Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1424", "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "state": "PUBLISHED", "assignerShortName": "Mitsubishi", "dateReserved": "2023-03-16T02:10:25.722Z", "datePublished": "2023-05-24T04:39:25.040Z", "dateUpdated": "2025-03-05T18:59:00.469Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R00CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R01CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R02CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial-of-Service and Remote Code Execution"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "shortName": "Mitsubishi", "dateUpdated": "2024-03-14T09:05:52.848Z"}, "references": [{"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}, {"url": "https://jvn.jp/vu/JVNVU94650413"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}], "source": {"discovery": "UNKNOWN"}, "title": "Denial-of-Service and Remote Code Execution Vulnerability in MELSEC Series CPU module", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/vu/JVNVU94650413", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.688Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1424", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-05T18:40:02.709362Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-05T18:40:32.145Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A78F481-0A1A-44B9-B7F7-14B3A3BED2DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA877E9F-6E21-4D0F-A46E-7E7CE860DA19", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D17A787-9609-4FFA-B160-C07A40406514", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "811C01BB-09E6-4ADF-86F5-8484A5502077", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "434B82A3-B42F-4798-94D0-97B06B5C86A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "336ACF95-407C-4EEB-B0D0-A91CE3E80BF9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBB9E685-FE8F-4DDA-9541-D8D570D9DDF6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CB6554E-3962-4712-8E03-6AAB3ED90EE2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDB1E6BA-12F5-48E2-8FB0-13A905240035", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "72530D08-7969-42C8-9677-B0D281D05046", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A50F562-3E4B-45CC-B4C6-008E07A54832", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E48B78B-EB3F-4B37-A417-F8E021230A26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76BC6A1E-B0B2-4EC9-86AC-BEF184384634", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D2C90C9-B448-4DB8-95BB-43FA8ACFA45D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3620276-1A91-49A1-9903-42F6564D0B42", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED62C9AA-FD0E-4F54-B5A2-3DF616E022DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "99169D1E-D326-480B-A282-441E9D4EE73C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1FBE704-312F-4F1F-8CCB-4F3B1DA195D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0BBCE8A-3789-4439-8CAE-BE41F2941B87", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C002FE8-F90B-4357-A9DC-E8464EACE1BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAF3A6A0-0CFD-4804-BD94-67F425CEA2DE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAA2ACC3-A707-46E8-891D-15A24900C659", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE39D7B6-5782-4F60-9B72-35EAEBC69341", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "0639FB73-EB71-4C80-8AF3-769F8937F592", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CAE6E5B8-325F-49F6-B2FF-C9606C945B43", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5ADC97E-6479-4F4B-875F-F8F8D0146813", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B882EF2-12F3-4DCC-88DE-E7C2D4F4C090", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7F40EA1-241F-4F6D-9194-FA6DE51055E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EB5881B-9851-4CF7-8CF2-8D58EEDCC6F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "12A419A0-9755-42CF-BBF4-A3EA192F177A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9039373D-235D-43F8-A835-836F925EF97F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7A478DA-71CF-45D2-B570-E86E69FCA61C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3363A3E3-1133-46F4-A361-7908B6D0A687", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF471BBC-76A3-43C8-90DC-80343DE7CDE5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C301CB5A-D2CC-47A9-AD03-A2149A5CEF48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D391BD4-D228-4157-97FC-D51C12C0FBB6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD882172-34AA-4381-A422-AD7018E43E79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DBF9A6F-360B-4B24-A65B-816C91571587", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "16B6C910-2ADC-4383-9826-7233871DC5B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "7249D530-F13C-4E04-B6E9-D0653A132ACA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A202065-DD69-43C7-932C-D3B1F0BE2782", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "39276611-4856-4F8F-A0D8-4926678C4C32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E6EE394-5B83-45F5-AEB3-51B2A58FEED2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F7B6CE4-79E2-454C-B67F-0A30B4A878D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D012D7E-2A83-4038-BAC6-9A6B472E6480", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "11C3318D-471E-486B-8B2A-F91E8E24020E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "986FBD4B-6309-44C3-9466-C279CE522C1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF9382C7-5089-419F-9279-63B4BD4914D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B632ED85-BBB2-4362-B715-D5FCE0639CD3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "1989EBFB-3ED0-415B-B1C1-B20692CEE76F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "196F4EA9-C638-48F7-95DC-B9FEDA17164E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "95E43EC2-08DC-4262-8CB7-9F2358D52270", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C677AA78-D333-485F-A02C-C44E7B7CE1B9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "8410DEF9-7ED9-4089-A3D0-E822128A4C54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC1A5AA0-18B8-41CB-896D-1D1614701B9E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DB03D99-F127-435E-A0C2-8D6DA77A535C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A4F4266-5FD1-4570-B48C-6B88B3CFB2D5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB580164-AA6E-416A-BC50-8B4626BC32A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dss-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA919E5A-20E1-41C2-A47F-B7A7D8DBEE67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dss-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECF6BD12-D666-487A-92B4-330FFEC49138", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47177C1-7646-4E24-9CDD-9FDB003B254C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB2C1C2D-F7AE-4D68-A714-134AF52E04A6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "483A2E84-496C-47FB-AFC1-E303B991E564", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E9BCB2F-691F-40C6-82BD-CD5C8500CA02", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DE728DE-ECDD-4685-B67C-F36EE9BF3587", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "F15FA834-C66E-4062-B5C2-32D03E8DCB75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "83D8976D-3844-4886-B958-63AEDAACACCF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "B058CE6F-FA03-4A28-9A33-912273B0070C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "566D8523-4885-4317-9FB7-41C299B17F10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "09427F8D-CD76-4F92-953D-9A721FCCAC63", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "029EA213-0115-46A5-88E6-AC2B363B7D12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "777A4339-A5D2-4C1E-BE0B-92F659D6ACD3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "885376E4-6D6F-4B07-9F22-ECF6B8F58EBE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1AADFA7-F38C-4901-B21F-9AB01A2B0AC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BED7DB2-3022-458C-BE66-CC050D9895E4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "D868A6E0-B377-4EB8-9E36-A5AC1EC3C761", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "98961CD4-F3DA-41C2-A9A4-4371FC197986", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "5073046E-BFD5-437E-9738-1C2FE9BF4A76", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "id": "CVE-2023-1424", "lastModified": "2024-11-21T07:39:09.593", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-24T05:15:08.780", "references": [{"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU94650413"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU94650413"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727"}], "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}