Mitsubishi Electric Multiple Factory Automation Products

View CSAF

1. EXECUTIVE SUMMARY

  • CVSS v3 5.3
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Mitsubishi Electric Corporation
  • Equipment: MELSEC iQ-F Series
  • Vulnerability: Insufficient Resource Pool

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow a remote attacker to cause a temporary denial-of-service (DoS) condition for a certain period of time in the product’s Ethernet communication by performing a TCP SYN Flood attack.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Mitsubishi Electric MELSEC iQ-F Series, a compact control platform, are affected:

Products with * are sold in limited regions.

  • MELSEC iQ-F FX5U-32MT/ES: All Versions
  • MELSEC iQ-F FX5U-32MT/DS: All Versions
  • MELSEC iQ-F FX5U-32MT/ESS: All Versions
  • MELSEC iQ-F FX5U-32MT/DSS: All Versions
  • MELSEC iQ-F FX5U-32MR/ES: All Versions
  • MELSEC iQ-F FX5U-32MR/DS: All Versions
  • MELSEC iQ-F FX5U-64MT/ES: All Versions
  • MELSEC iQ-F FX5U-64MT/ESS: All Versions
  • MELSEC iQ-F FX5U-64MT/DS: All Versions
  • MELSEC iQ-F FX5U-64MT/DSS: All Versions
  • MELSEC iQ-F FX5U-64MR/ES: All Versions
  • MELSEC iQ-F FX5U-64MR/DS: All Versions
  • MELSEC iQ-F FX5U-80MT/ES: All Versions
  • MELSEC iQ-F FX5U-80MT/DS: All Versions
  • MELSEC iQ-F FX5U-80MT/ESS: All Versions
  • MELSEC iQ-F FX5U-80MT/DSS: All Versions
  • MELSEC iQ-F FX5U-80MR/ES: All Versions
  • MELSEC iQ-F FX5U-80MR/DS: All Versions
  • MELSEC iQ-F FX5UC-32MT/D: All Versions
  • MELSEC iQ-F FX5UC-32MT/DSS: All Versions
  • MELSEC iQ-F FX5UC-64MT/D: All Versions
  • MELSEC iQ-F FX5UC-64MT/DSS: All Versions
  • MELSEC iQ-F FX5UC-96MT/D: All Versions
  • MELSEC iQ-F FX5UC-96MT/DSS: All Versions
  • MELSEC iQ-F FX5UC-32MT/DS-TS: All Versions
  • MELSEC iQ-F FX5UC-32MT/DSS-TS: All Versions
  • MELSEC iQ-F FX5UC-32MR/DS-TS: All Versions
  • MELSEC iQ-F FX5UJ-24MT/ES: All Versions
  • MELSEC iQ-F FX5UJ-24MT/DS: All Versions
  • MELSEC iQ-F FX5UJ-24MT/E

    […]
    Content was cut in order to protect the source.Please visit the source for the rest of the article.

    This article has been indexed from All CISA Advisories

    Read the original article: