Vulnetix
Try Vulnetix Request Demo
CVE-2023-4562 PUBLISHED CVSS 9.100000381469727 CRITICAL

Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages.

EPSS 0.23% · 45.9th percentile

Risk Scores

CVSS v3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.23%
45.9th percentile

Affected Products

VendorProductVersions
Mitsubishi Electric CorporationMELSEC-F Series FX3G-24MT/ES-A*, all versions, all versions
Mitsubishi Electric CorporationMELSEC-F Series FX3U-32MT/DSSall versions, all versions, all versions
Mitsubishi Electric CorporationMELSEC-F Series FX3UC-96MT/DSS*, all versions, all versions
mitsubishielectricfx3u-80mt\/es-a_firmware
Mitsubishi Electric CorporationMELSEC-F Series FX3UC-16MT/Dall versions, all versions, all versions
Mitsubishi Electric CorporationMELSEC-F Series FX3U-128MT/DSSall versions, *, all versions
mitsubishielectricfx3sa-14mt-cm_firmware
Mitsubishi Electric CorporationMELSEC-F Series FX3U-64MT/ESall versions, *, all versions
mitsubishielectricfx3g-60_mt\/es_firmware
Mitsubishi Electric CorporationMELSEC-F Series FX3S-20MT/ESSall versions, all versions, all versions
Mitsubishi Electric CorporationMELSEC-F Series FX3G-14MT/DSSall versions, all versions, all versions
mitsubishielectricfx3u-64mt\/dss_firmware
mitsubishielectricfx3ge-24mt\/es_firmware
mitsubishielectricfx3g-60mt\/ess_firmware
mitsubishielectricfx3g-60mr\/es-a_firmware
Mitsubishi Electric CorporationMELSEC-F Series FX3S-10MT/DSS*, all versions, all versions
mitsubishielectricfx3uc-32mt-lt_firmware
Mitsubishi Electric CorporationMELSEC-F Series FX3S-30MT/DS*, all versions, all versions
mitsubishielectricfx3g-14mt\/es_firmware
mitsubishielectricfx3uc_firmware

…and 323 more

Timeline

References

Open in Interactive Console →