{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1424", "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "state": "PUBLISHED", "assignerShortName": "Mitsubishi", "dateReserved": "2023-03-16T02:10:25.722Z", "datePublished": "2023-05-24T04:39:25.040Z", "dateUpdated": "2024-08-02T05:49:11.688Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/ES", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MR/DS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/ESS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5U-80MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/D", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-64MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-96MT/DSS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "Serial number 17X**** or later, versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 1.220 to 1.281"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R00CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R01CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R02CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions 35 and prior"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120CPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R04ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120ENCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 12 to 68"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120SFCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 26 to 31"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R08PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R16PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R32PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}, {"defaultStatus": "unaffected", "product": "MELSEC iQ-R Series R120PCPU", "vendor": "Mitsubishi Electric Corporation", "versions": [{"status": "affected", "version": "versions from 3 to 37"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial-of-Service and Remote Code Execution"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "shortName": "Mitsubishi", "dateUpdated": "2024-03-14T09:05:52.848Z"}, "references": [{"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}, {"url": "https://jvn.jp/vu/JVNVU94650413"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}], "source": {"discovery": "UNKNOWN"}, "title": "Denial-of-Service and Remote Code Execution Vulnerability in MELSEC Series CPU module", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/vu/JVNVU94650413", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.688Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA877E9F-6E21-4D0F-A46E-7E7CE860DA19", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A78F481-0A1A-44B9-B7F7-14B3A3BED2DA", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "811C01BB-09E6-4ADF-86F5-8484A5502077", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D17A787-9609-4FFA-B160-C07A40406514", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "336ACF95-407C-4EEB-B0D0-A91CE3E80BF9", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "434B82A3-B42F-4798-94D0-97B06B5C86A9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CB6554E-3962-4712-8E03-6AAB3ED90EE2", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBB9E685-FE8F-4DDA-9541-D8D570D9DDF6", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "72530D08-7969-42C8-9677-B0D281D05046", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDB1E6BA-12F5-48E2-8FB0-13A905240035", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E48B78B-EB3F-4B37-A417-F8E021230A26", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A50F562-3E4B-45CC-B4C6-008E07A54832", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D2C90C9-B448-4DB8-95BB-43FA8ACFA45D", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76BC6A1E-B0B2-4EC9-86AC-BEF184384634", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED62C9AA-FD0E-4F54-B5A2-3DF616E022DB", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3620276-1A91-49A1-9903-42F6564D0B42", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "99169D1E-D326-480B-A282-441E9D4EE73C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1FBE704-312F-4F1F-8CCB-4F3B1DA195D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0BBCE8A-3789-4439-8CAE-BE41F2941B87", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C002FE8-F90B-4357-A9DC-E8464EACE1BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAF3A6A0-0CFD-4804-BD94-67F425CEA2DE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAA2ACC3-A707-46E8-891D-15A24900C659", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE39D7B6-5782-4F60-9B72-35EAEBC69341", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "0639FB73-EB71-4C80-8AF3-769F8937F592", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CAE6E5B8-325F-49F6-B2FF-C9606C945B43", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5ADC97E-6479-4F4B-875F-F8F8D0146813", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B882EF2-12F3-4DCC-88DE-E7C2D4F4C090", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7F40EA1-241F-4F6D-9194-FA6DE51055E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EB5881B-9851-4CF7-8CF2-8D58EEDCC6F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "12A419A0-9755-42CF-BBF4-A3EA192F177A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9039373D-235D-43F8-A835-836F925EF97F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7A478DA-71CF-45D2-B570-E86E69FCA61C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3363A3E3-1133-46F4-A361-7908B6D0A687", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF471BBC-76A3-43C8-90DC-80343DE7CDE5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C301CB5A-D2CC-47A9-AD03-A2149A5CEF48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D391BD4-D228-4157-97FC-D51C12C0FBB6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD882172-34AA-4381-A422-AD7018E43E79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DBF9A6F-360B-4B24-A65B-816C91571587", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "16B6C910-2ADC-4383-9826-7233871DC5B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "7249D530-F13C-4E04-B6E9-D0653A132ACA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A202065-DD69-43C7-932C-D3B1F0BE2782", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "39276611-4856-4F8F-A0D8-4926678C4C32", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/dss_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E6EE394-5B83-45F5-AEB3-51B2A58FEED2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/dss:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F7B6CE4-79E2-454C-B67F-0A30B4A878D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/es_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D012D7E-2A83-4038-BAC6-9A6B472E6480", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/es:-:*:*:*:*:*:*:*", "matchCriteriaId": "11C3318D-471E-486B-8B2A-F91E8E24020E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\\/ess_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "986FBD4B-6309-44C3-9466-C279CE522C1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\\/ess:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF9382C7-5089-419F-9279-63B4BD4914D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B632ED85-BBB2-4362-B715-D5FCE0639CD3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "1989EBFB-3ED0-415B-B1C1-B20692CEE76F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "196F4EA9-C638-48F7-95DC-B9FEDA17164E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "95E43EC2-08DC-4262-8CB7-9F2358D52270", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C677AA78-D333-485F-A02C-C44E7B7CE1B9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\\/ds-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "8410DEF9-7ED9-4089-A3D0-E822128A4C54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC1A5AA0-18B8-41CB-896D-1D1614701B9E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DB03D99-F127-435E-A0C2-8D6DA77A535C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A4F4266-5FD1-4570-B48C-6B88B3CFB2D5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB580164-AA6E-416A-BC50-8B4626BC32A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dss-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA919E5A-20E1-41C2-A47F-B7A7D8DBEE67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/dss-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECF6BD12-D666-487A-92B4-330FFEC49138", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds-ts_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47177C1-7646-4E24-9CDD-9FDB003B254C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\\/ds-ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB2C1C2D-F7AE-4D68-A714-134AF52E04A6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "483A2E84-496C-47FB-AFC1-E303B991E564", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E9BCB2F-691F-40C6-82BD-CD5C8500CA02", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DE728DE-ECDD-4685-B67C-F36EE9BF3587", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "F15FA834-C66E-4062-B5C2-32D03E8DCB75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "83D8976D-3844-4886-B958-63AEDAACACCF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "B058CE6F-FA03-4A28-9A33-912273B0070C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "566D8523-4885-4317-9FB7-41C299B17F10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "09427F8D-CD76-4F92-953D-9A721FCCAC63", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "029EA213-0115-46A5-88E6-AC2B363B7D12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "777A4339-A5D2-4C1E-BE0B-92F659D6ACD3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "885376E4-6D6F-4B07-9F22-ECF6B8F58EBE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1AADFA7-F38C-4901-B21F-9AB01A2B0AC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\\/dds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BED7DB2-3022-458C-BE66-CC050D9895E4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\\/dds:-:*:*:*:*:*:*:*", "matchCriteriaId": "D868A6E0-B377-4EB8-9E36-A5AC1EC3C761", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\\/ds_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "98961CD4-F3DA-41C2-A9A4-4371FC197986", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\\/ds:-:*:*:*:*:*:*:*", "matchCriteriaId": "5073046E-BFD5-437E-9738-1C2FE9BF4A76", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution."}], "id": "CVE-2023-1424", "lastModified": "2023-07-07T04:15:10.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "type": "Secondary"}]}, "published": "2023-05-24T05:15:08.780", "references": [{"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU94650413"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf"}], "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "type": "Secondary"}]}

{}