← Back to home
ICSA-20-282-02  ·  Published 2024-08-22  ·  View on CISA ICS-CERT ↗

Mitsubishi Electric MELSEC iQ-R Series (Update D)

CVSS 8.6 HIGH

Risk Summary

Successful exploitation of this vulnerability could cause a denial-of-service condition.

CVEs (1)

Remediations

  • Mitsubishi Electric recommends that customers update to the following:
  • iQ-R series R00CPU: Version 21 or later
  • iQ-R series R01CPU: Version 21 or later
  • iQ-R series R02CPU; Version 21 or later
  • iQ-R series R04CPU: Version 53 or later
  • iQ-R series R08CPU: Version 53 or later
  • iQ-R series R16CPU: Version 53 or later
  • iQ-R series R32CPU: Version 53 or later
  • iQ-R series R120CPU: Version 53 or later
  • iQ-R series R04ENCPU: Version 53 or later
  • iQ-R series R08ENCPU: Version 53 or later
  • iQ-R series R16ENCPU: Version 53 or later
  • iQ-R series R32ENCPU: Version 53 or later
  • iQ-R series R120ENCPU: Version 53 or later
  • iQ-R series R08FCPU: Version 23 or later
  • iQ-R series R16FCPU: Version 23 or later
  • iQ-R series R32FCPU: Version 23 or later
  • iQ-R series R120FCPU: Version 23 or later
  • iQ-R series R08PCPU: Version 26 or later
  • iQ-R series R16PCPU: Version 26 or later
  • iQ-R series R32PCPU: Version 26 or later
  • iQ-R series R120PCPU: Version 26 or later
  • iQ-R series R16MTCPU Operating system software: Version 22 or later
  • iQ-R series R32MTCPU Operating system software: Version 22 or later
  • iQ-R series R64MTCPU Operating system software: Version 22 or later
  • See the Mitsubishi Electric advisory for the availability of updates for each product.
  • Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting thisvulnerability:
  • Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
  • Use within a LAN and block access from untrusted networks and hosts though firewalls.
  • For specific update instructions and additional details see the Mitsubishi Electric advisory.

Affected Vendors

Mitsubishi Electric

Affected Products (23)

Mitsubishi Electric · iQ-R series R00CPU <=20
Mitsubishi Electric · iQ-R series R01CPU <=20
Mitsubishi Electric · iQ-R series R04CPU <=52
Mitsubishi Electric · iQ-R series R08CPU <=52
Mitsubishi Electric · iQ-R series R16CPU <=52
Mitsubishi Electric · iQ-R series R32CPU <=52
Mitsubishi Electric · iQ-R series R120CPU <=52
Mitsubishi Electric · iQ-R series R04ENCPU <=52
Mitsubishi Electric · iQ-R series R08ENCPU <=52
Mitsubishi Electric · iQ-R series R16ENCPU <=52
Mitsubishi Electric · iQ-R series R32ENCPU <=52
Mitsubishi Electric · iQ-R series R120ENCPU <=52
Mitsubishi Electric · iQ-R series R08FCPU <=22
Mitsubishi Electric · iQ-R series R16FCPU <=22
Mitsubishi Electric · iQ-R series R32FCPU <=22
Mitsubishi Electric · iQ-R series R120FCPU <=22
Mitsubishi Electric · iQ-R series R08PCPU <=25
Mitsubishi Electric · iQ-R series R16PCPU <=25
Mitsubishi Electric · iQ-R series R32PCPU <=25
Mitsubishi Electric · iQ-R series R120PCPU <=25
Mitsubishi Electric · iQ-R series R16MTCPU Operating system software <=21
Mitsubishi Electric · iQ-R series R32MTCPU Operating system software <=21
Mitsubishi Electric · iQ-R series R64MTCPU Operating system software <=21

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more