← Back to home
ICSA-23-180-04  ·  Published 2023-07-11  ·  View on CISA ICS-CERT ↗

Mitsubishi Electric MELSEC-F Series

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to login to the product by sending specially crafted packets.

CVEs (1)

Remediations

  • Mitsubishi Electric recommends customers take the following mitigation measures to minimize the risk of an attacker exploiting this vulnerability:
  • Use a firewall or virtual private network (VPN), etc., to prevent unauthorized access when internet access is required.
  • Use within a LAN and block access from untrusted networks and hosts through firewalls.
  • Restrict physical access to affected products and the LAN they connect.
  • For specific update instructions and additional details, see the Mitsubishi Electric advisory.

Affected Vendors

Mitsubishi Electric

Affected Products (16)

Mitsubishi Electric · FX3GE-xMy/z x=24,40, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric · FX3U-xMy/z x=16,32,48,64,80,128, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric · FX3U-32MR/UA1, FX3U-64MR/UA1 vers:all/*
Mitsubishi Electric · FX3U-32MS/ES, FX3U-64MS/ES vers:all/*
Mitsubishi Electric · FX3U-xMy/ES-A x=16,32,48,64,80,128, y=T,R vers:all/*
Mitsubishi Electric · FX3UC-xMT/z x=16,32,64,96, z=D,DSS vers:all/*
Mitsubishi Electric · FX3UC-16MR/D-T, FX3UC-16MR/DS-T vers:all/*
Mitsubishi Electric · FX3UC-32MT-LT, FX3UC-32MT-LT-2 vers:all/*
Mitsubishi Electric · FX3UC-16MT/D-P4, FX3UC-16MR/DSS-P4 vers:all/*
Mitsubishi Electric · FX3G-xMy/z x=14,24,40,60, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric · FX3G-xMy/ES-A x=14,24,40,60, y=T,R vers:all/*
Mitsubishi Electric · FX3GC-32MT/D, FX3GC-32MT/DSS vers:all/*
Mitsubishi Electric · FX3GA-xMy-CM x=24,40,60, y=T,R vers:all/*
Mitsubishi Electric · FX3S-xMy/z x=10,14,20,30, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric · FX3S-30My/z-2AD y=T,R, z=ES,ESS vers:all/*
Mitsubishi Electric · FX3SA-xMy-CM x=10,14,20,30, y=T,R vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more