← Back to home
ICSA-23-285-13  ·  Published 2023-10-12  ·  View on CISA ICS-CERT ↗

Mitsubishi Electric MELSEC-F Series

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability may allow a remote attacker to obtain sequence programs from the product, write malicious sequence programs, or improper data in the product without authentication.

CVEs (1)

Remediations

  • Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting this vulnerability:
  • Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
  • Use within a LAN and block access from untrusted networks and hosts through firewalls.
  • Restrict physical access to the affected products and the LAN that is connected by them.
  • For specific update instructions and additional details see the Mitsubishi Electric advisory.

Affected Vendors

Mitsubishi Electric Corporation

Affected Products (16)

Mitsubishi Electric Corporation · MELSEC-F series FX3U-xMy/z x=16,32,48,64,80,128, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F series FX3U-32MR/UA1, FX3U-64MR/UA1 vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3U-32MS/ES, FX3U-64MS/ES vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3U-xMy/ES-A x=16,32,48,64,80,128, y=T,R vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3UC-xMT/z x=16,32,64,96, z=D,DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3UC-16MR/D-T, FX3UC-16MR/DS-T vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3UC-32MT-LT, FX3UC-32MT-LT-2 vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3UC-16MT/D-P4, FX3UC-16MT/DSS-P4 vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3G-xMy/z x=14,24,40,60, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3G-xMy/ES-A x=14,24,40,60, y=T,R vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3GC-32MT/D, FX3GC-32MT/DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3GE-xMy/z x=24,40, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3GA-xMy-CM x=24,40,60, y=T,R vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3S-xMy/z x=10,14,20,30, y=T,R, z=ES,ESS,DS,DSS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3S-30My/z-2AD y=T,R, z=ES,ESS vers:all/*
Mitsubishi Electric Corporation · MELSEC-F FX3SA-xMy-CM x=10,14,20,30, y=T,R vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more