← Back to home
ICSA-22-139-01  ·  Published 2022-05-31  ·  View on CISA ICS-CERT ↗

Mitsubishi Electric MELSEC iQ-F Series

CVSS 8.6 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could cause a denial-of-service condition by sending specially crafted packets. A system reset is required for recovery.

CVEs (2)

Remediations

  • MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with Serial number 17X**** or later update to v1.270 or later
  • MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES, DS, ESS, DSS with serial number 179**** and prior update to v1.073 or later
  • MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with serial number 17X**** or later update to v1.270 or later
  • MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with Serial number 179**** and prior update to v1.073 or later
  • MELSEC iQ-F FX5UC-32MT/DS-TS, FX5UC-32MT/DSS-TS, FX5UC-32MR/DS-TS update to v1.270 or later
  • MELSEC iQ-F FX5UJ-xMy/z x=24,40,60, y=T,R, z=ES,ESS update to v1.030 or later
  • MELSEC iQ-F FX5UJ-xMy/ES-A x=24,40,60, y=T.R please contact a Mitsubishi Electric representative
  • MELSEC iQ-F FX5S-xMy/z x-30,40,60,80, y=T.R, z=ES,ESS please contact a Mitsubishi Electric representative
  • Use a firewall or virtual private network to prevent unauthorized access when Internet access is required.
  • Use firewalls or an IP filter function to restrict connections to these products and prevent access from untrusted networks or hosts. For details on the IP filter function, refer to 12.1 IP Filter Function in MELSEC iQ-F FX5 User's Manual (Ethernet Communication).

Affected Vendors

Mitsubishi Electric

Affected Products (14)

Mitsubishi Electric · MELSEC iQ-F FX5S-xMy/z x=30406080 y=T.R z=ESESS 1.000 (These products are sold in limited regions)
Mitsubishi Electric · MELSEC iQ-F FX5UC-32MT/DS-TS FX5UC-32MT/DSS-TS FX5UC-32MR/DS-TS < 1.270
Mitsubishi Electric · MELSEC iQ-F FX5UC-xMy/z x=326496 y=TR z=DDSS with Serial number 179**** and prior < 1.073
Mitsubishi Electric · MELSEC iQ-F FX5UC-xMy/z x=326496 y=TR z=DDSS with serial number 17X**** or later < 1.270
Mitsubishi Electric · MELSEC iQ-F FX5UJ-xMy/ES-A x=244060 y=T.R < 1.031 (These products are sold in limited regions)
Mitsubishi Electric · MELSEC iQ-F FX5UJ-xMy/z x=244060 y=TR z=ESESS < 1.030
Mitsubishi Electric · MELSEC iQ-F FX5U-xMy/z x=326480 y=TR z=ESDSESSDSS with Serial number 179**** and prior < 1.073
Mitsubishi Electric · MELSEC iQ-F FX5U-xMy/z x=326480 y=TR z=ESDSESSDSS with serial number 17X**** or later < 1.270
Mitsubishi Electric · MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X**** or later < 1.270
Mitsubishi Electric · MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with Serial number 179**** and prior < 1.073
Mitsubishi Electric · MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with serial number 17X**** or later < 1.270
Mitsubishi Electric · MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with Serial number 179**** and prior < 1.073
Mitsubishi Electric · MELSEC iQ-F FX5UJ-xMy/ES-A x=24,40,60, y=T.R < 1.031
Mitsubishi Electric · MELSEC iQ-F FX5S-xMy/z x=30,40,60,80, y=T.R, z=ES,ESS 1.000

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more