← Back to home
ICSA-19-141-02  ·  Published 2019-05-21  ·  View on CISA ICS-CERT ↗

Mitsubishi Electric MELSEC-Q Series Ethernet Module

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).

CVEs (1)

Remediations

  • Mitsubishi Electric has released new firmware Version 20122 for the QJ71E71-100 Ethernet module to mitigate the reported vulnerability.
  • Additional information about the vulnerabilities or Mitsubishi Electric's compensating control is available by contacting a local Mitsubishi Electric representative, which can be found at the following location:
  • Mitsubishi Electric strongly recommends that users should operate the affected device behind a firewall.

Affected Vendors

Mitsubishi Electric

Affected Products (1)

Mitsubishi Electric · QJ71E71-100 <= 20121

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more