ICSA-23-122-01
·
Published 2023-05-02
·
View on CISA ICS-CERT ↗
Mitsubishi Electric Factory Automation Products
CVSS 8.8
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could allow a malicious attacker to escalate privileges, disclose parameter information in the affected products, and cause a denial-of-service condition.
CVEs (9)
Remediations
- Mitsubishi Electric recommends users refer to the following Intel advisories to assist in mitigating these vulnerabilities:
- CVE-2022-0002 - INTEL-SA-00598
- Mitsubishi Electric recommends that users take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:
- Restrict physical access to the product from unauthorized users.
- For additional information, refer to Mitsubishi Electric’s bulletin.
- CVE-2021-33150 - INTEL-SA-00609
- CVE-2021-0127 - INTEL-SA-00532
- CVE-2021-0086 - INTEL-SA-00516
- CVE-2021-0089 - INTEL-SA-00516
- CVE-2021-0146 - INTEL-SA-00528
- CVE-2020-24512 - INTEL-SA-00464
- CVE-2020-8670 — INTEL-SA-00463
- CVE-2020-24489 - INTEL-SA-00442
Affected Vendors
Mitsubishi Electric
Affected Products (10)
Mitsubishi Electric
·
MELIPC MI5122-VM
vers:all/*
Mitsubishi Electric
·
MELIPC MI1002-W
vers:all/*
Mitsubishi Electric
·
MELIPC MI2012-W
vers:all/*
Mitsubishi Electric
·
MELIPC MI3321G-W
vers:all/*
Mitsubishi Electric
·
MELIPC MI3315G-W
vers:all/*
Mitsubishi Electric
·
MELSEC iQ-R R102WCPU-W
vers:all/*
Mitsubishi Electric
·
MELSEC Q Q24DHCCPU-V
vers:all/*
Mitsubishi Electric
·
MELSEC Q Q24DHCCPU-VG
vers:all/*
Mitsubishi Electric
·
MELSEC Q Q24DHCCPU-LS
vers:all/*
Mitsubishi Electric
·
MELSEC Q Q26DHCCPU-LS
vers:all/*
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more