Mitsubishi Electric Air Conditioning Systems

Risk Summary

Successful exploitation of this vulnerability may allow an attacker to disclose some of the data in the air conditioning system or cause a denial-of-service condition.

CVEs (1)

Remediations

• G-50A: Version 3.37 or later
• GB-50A: Version 3.37 or later
• GB-24A: Version 9.12 or later
• AG-150A-A: Version 3.21 or later
• AG-150A-J: Version 3.21 or later
• GB-50ADA-A: Version 3.21 or later
• GB-50ADA-J: Version 3.21 or later
• EB-50GU-A: Version 7.10 or later
• EB-50GU-J: Version 7.10 or later
• AE-200A: Version 7.95 or later
• AE-200E: Version 7.95 or later
• AE-50A: Version 7.95 or later
• AE-50E: Version 7.95 or later
• EW-50A: Version 7.95 or later
• EW-50E: Version 7.95 or later
• TE-200A: Version 7.95 or later
• TE-50A: Version 7.95 or later
• TW-50A: Version 7.95 or later
• CMS-RMD-J: Version 1.40 or later
• PAC-YG50ECA: Version 2.21 or later
• BAC-HD150: Version 2.22 or later
• Use a VPN router, etc. when you connect air conditioning systems to the Internet.
• Use anti-virus software on computers connected to air conditioning systems.
• Restrict the access to air conditioning systems from untrusted networks and hosts.
• Please refer to the Mitsubishi Electric website for additional details about this issue.

Affected Vendors

Affected Products (21)

Affected Sectors

Commercial Facilities