漏洞标题
MelSEC 系列中的拒绝服务漏洞
漏洞描述信息
MELSEC系列的拒绝服务(DoS)漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
对数据真实性的验证不充分
漏洞标题
Arbitrary Command Execution Vulnerability in Mitsubishi Electric proprietary protocol communication of multiple FA products
漏洞描述信息
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
漏洞类别
关键功能的认证机制缺失
漏洞标题
Mitsubishi Electric Corporation MELSEC-F Series和MELSEC iQ-F Series 数据伪造问题漏洞
漏洞描述信息
Mitsubishi Electric MELSEC iQ-F series和Mitsubishi Electric MELSEC-F Series都是日本三菱电机(Mitsubishi Electric)公司的产品。Mitsubishi Electric MELSEC iQ-F series是一款可编程逻辑控制器。Mitsubishi Electric MELSEC-F Series是工控设备具有模拟和通信功能可扩展性的基本微型 PLC。 Mitsubishi Electric MELSEC-F Ser
CVSS信息
N/A
漏洞类别
授权问题