ICSA-23-157-02  ·  Published 2025-12-02

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update C)

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to connect to the module via FTP and bypass authentication to log in.

Remediations

  • Mitsubishi Electric recommends that users of the affected products take the following actions:
  • RJ71EIP91: Consider replacing with the next generation model, CC-Link IE TSN Plus Master/Local Module RJ71GN11-EIP.
  • RJ71EIP91 firmware version "06" or later: The FTP function can be disabled in firmware version "06" or later. To prevent unauthorized access from outside, set the connection to 'Deny connection' in the EtherNet/IP Configuration Tool Connection Permission Change function and disable the module's FTP function, except when configuring with the EtherNet/IP Configuration Tool. However, firmware versions earlier than "06" cannot be updated to version "06" or later. For detailed configuration instructions, refer to the following manuals: MELSEC iQ-R EtherNet/IP Module User's Manual (Application) "1.3 Ethernet/IP Configuration Tool Connectable Function".
  • FX5-ENET/IP: There are no plans to release a fixed version, so apply the mitigations and workarounds below. In addition, consider replacing it with the next-generation model, the EtherNet/IP Module FX5-EIP.
  • FX5-ENET/IP: Use the IP filter function to block access from untrusted hosts. For details on the IP filter function, refer to the following manual: "12.1 IP Filter Function" in the MELSEC iQ-F FX5 User's Manual (Ethernet Communication).
  • FX5-ENET/IP firmware version "1.106" or later: The FTP function can be disabled. To prevent unauthorized access from outside, set the connection to "Deny connection" in the EtherNet/IP Configuration Tool for FX5-ENET/IP Tool connection setting change function and disable the module's FTP function, except when configuring with the EtherNet/IP Configuration Tool for FX5-ENET/IP. For detailed configuration instructions, refer to the following manuals: "Tool connection setting change function" in the "Details of buffer memory addresses" in the "Appendix 4 Buffer Memory" in the "MELSEC iQ-F FX5 EtherNet/IP Module User's Manual."
  • Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities common to RJ71EIP91 and FX5-ENET/IP:
  • Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
  • Use within a LAN and block access from untrusted networks and hosts through firewalls.
  • Restrict physical access to prevent untrusted devices from connecting to the LAN to which the affected product is connected.
  • Avoid uploading/downloading files directly using FTP, and use the EtherNet/IP configuration tool. Also, do not open the downloaded file with anything other than the EtherNet/IP configuration tool.
  • Allow only trusted users to log in or remotely log in.
  • Ensure that no one else can view the screen of a user from behind while using the product.
  • If you leave your desk while using the product, lock your PC to prevent others from using it.
  • Operate the PC using the product within a LAN and block access from untrusted networks or hosts.
  • Restrict physical access to the PC on which the product is installed, as well as the PCs and network devices that can communicate with the product.
  • Install antivirus software on the PCs that use the product, as well as on the PCs that can communicate with the product.
  • Do not open untrusted files or click on untrusted links.
  • For specific update instructions and additional details see the Mitsubishi Electric advisory.
  • SW1DNN-EIPCT-BD: Download and update to the fixed version, software version "1.02C" or later.
  • SW1DNN-EIPCTFX5-BD: Download and update to the fixed version, software version "1.02C" or later.
  • Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploitation of these vulnerabilities common to SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD:
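
The FTP mitigations listed above for RJ71EIP91 and FX5-ENET/IP (disabling the FTP function, IP filtering, firewalling) can be verified after they are applied. This added example, which is not part of the advisory or of any Mitsubishi Electric tool, reports modules in your own inventory that still accept connections on the FTP control port; the inventory names, the documentation-range addresses and the function names are assumptions.

```python
import socket

FTP_PORT = 21  # FTP control port; the advisory's attack path is an FTP login


def check_ftp(host, port=FTP_PORT, timeout=3.0):
    """Classify one module's FTP exposure as seen from this vantage point.

    Returns (state, banner): "exposed" if the TCP connection is accepted,
    "closed" if it is refused, "filtered" if nothing answers in time.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            conn.settimeout(timeout)
            try:
                banner = conn.recv(256).decode("ascii", "replace").strip()
            except (socket.timeout, ConnectionError):
                banner = ""  # port open but silent: still reachable
            return "exposed", banner
    except ConnectionRefusedError:
        return "closed", ""
    except (socket.timeout, OSError):
        return "filtered", ""


def audit(inventory, timeout=3.0):
    """Return a finding for every module that still accepts FTP connections."""
    findings = []
    for name, host, port in inventory:
        state, banner = check_ftp(host, port, timeout)
        if state == "exposed":
            findings.append({"module": name, "host": host, "banner": banner})
    return findings


if __name__ == "__main__":
    # Constructed inventory: names and documentation-range addresses are placeholders.
    INVENTORY = [
        ("RJ71EIP91 line 1", "192.0.2.10", FTP_PORT),
        ("FX5-ENET/IP cell 4", "192.0.2.21", FTP_PORT),
    ]
    for f in audit(INVENTORY):
        print(f"FTP still reachable: {f['module']} ({f['host']}) banner={f['banner']!r}")
```

A "closed" or "filtered" result only describes the path from the machine running the check, so run it from each network zone that is supposed to be blocked.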

Affected Vendors

Mitsubishi Electric

Affected Products (4)

Mitsubishi Electric · RJ71EIP91 vers:all/*
Mitsubishi Electric · FX5-ENET/IP vers:all/*
Mitsubishi Electric · SW1DNN-EIPCT-BD <=1.01B
Mitsubishi Electric · SW1DNN-EIPCTFX5-BD <=1.01B

Affected Sectors

Critical Manufacturing
