1. EXECUTIVE SUMMARY
- CVSS v3 5.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Mitsubishi Electric Corporation
- Equipment: MELSEC iQ-F Series
- Vulnerability: Insufficient Resource Pool
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote attacker to cause a temporary denial-of-service (DoS) condition for a certain period of time in the product’s Ethernet communication by performing a TCP SYN Flood attack.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Mitsubishi Electric MELSEC iQ-F Series, a compact control platform, are affected:
Products with * are sold in limited regions.
- MELSEC iQ-F FX5U-32MT/ES: All Versions
- MELSEC iQ-F FX5U-32MT/DS: All Versions
- MELSEC iQ-F FX5U-32MT/ESS: All Versions
- MELSEC iQ-F FX5U-32MT/DSS: All Versions
- MELSEC iQ-F FX5U-32MR/ES: All Versions
- MELSEC iQ-F FX5U-32MR/DS: All Versions
- MELSEC iQ-F FX5U-64MT/ES: All Versions
- MELSEC iQ-F FX5U-64MT/ESS: All Versions
- MELSEC iQ-F FX5U-64MT/DS: All Versions
- MELSEC iQ-F FX5U-64MT/DSS: All Versions
- MELSEC iQ-F FX5U-64MR/ES: All Versions
- MELSEC iQ-F FX5U-64MR/DS: All Versions
- MELSEC iQ-F FX5U-80MT/ES: All Versions
- MELSEC iQ-F FX5U-80MT/DS: All Versions
- MELSEC iQ-F FX5U-80MT/ESS: All Versions
- MELSEC iQ-F FX5U-80MT/DSS: All Versions
- MELSEC iQ-F FX5U-80MR/ES: All Versions
- MELSEC iQ-F FX5U-80MR/DS: All Versions
- MELSEC iQ-F FX5UC-32MT/D: All Versions
- MELSEC iQ-F FX5UC-32MT/DSS: All Versions
- MELSEC iQ-F FX5UC-64MT/D: All Versions
- MELSEC iQ-F FX5UC-64MT/DSS: All Versions
- MELSEC iQ-F FX5UC-96MT/D: All Versions
- MELSEC iQ-F FX5UC-96MT/DSS: All Versions
- MELSEC iQ-F FX5UC-32MT/DS-TS: All Versions
- MELSEC iQ-F FX5UC-32MT/DSS-TS: All Versions
- MELSEC iQ-F FX5UC-32MR/DS-TS: All Versions
- MELSEC iQ-F FX5UJ-24MT/ES: All Versions
- MELSEC iQ-F FX5UJ-24MT/DS: All Versions
- MELSEC iQ-F FX5UJ-24MT/E
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from All CISA AdvisoriesRead the original article: