Skip to main content

Fx3U 32Mt Es Firmware CVE-2023-4699

CRITICAL
Missing Authentication for Critical Function (CWE-306)
2023-11-06 Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Authentication Bypass Fx3U 32Mt Es Firmware Fx3U 48Mt Es Firmware Fx3U 64Mt Es Firmware Fx3U 80Mt Es Firmware Fx3U 128Mt E Firmware Fx3U 16Mt Es Firmware Fx3U 16Mr Es Firmware Fx3U 32Mr Es Firmware Fx3U 48Mr Es Firmware Fx3U 64Mr Es Firmware Fx3U 80Mr Es Firmware Fx3U 128Mr Es Firmware Fx3U 16Mt Ess Firmware Fx3U 32Mt Ess Firmware Fx3U 48Mt Ess Firmware Fx3U 64Mt Ess Firmware Fx3U 80Mt Ess Firmware Fx3U 128Mt Ess Firmware Fx3U 16Mt Ds Firmware Fx3U 32Mt Ds Firmware Fx3U 48Mt Ds Firmware Fx3U 64Mt Ds Firmware Fx3U 80Mt Ds Firmware Fx3U 128Mt Ds Firmware Fx3U 16Mr Ds Firmware Fx3U 32Mr Ds Firmware Fx3U 48Mr Ds Firmware Fx3U 64Mr Ds Firmware Fx3U 80Mr Ds Firmware Fx3U 128Mr Ds Firmware Fx3U 16Mt Dss Firmware Fx3U 32Mt Dss Firmware Fx3U 48Mt Dss Firmware Fx3U 64Mt Dss Firmware Fx3U 80Mt Dss Firmware Fx3U 128Mt Dss Firmware Fx3U 32Mr Ua1 Firmware Fx3U 64Mr Ua1 Firmware Fx3U 32Ms Es Firmware Fx3U 64Ms Es Firmware Fx3U 16Mt Es A Firmware Fx3U 32Mt Es A Firmware Fx3U 48Mt Es A Firmware Fx3U 64Mt Es A Firmware Fx3U 80Mt Es A Firmware Fx3U 128Mt Es A Firmware Fx3U 16Mr Es A Firmware Fx3U 32Mr Es A Firmware Fx3U 48Mr Es A Firmware Fx3U 64Mr Es A Firmware Fx3U 80Mr Es A Firmware Fx3U 128Mr Es A Firmware Fx3Uc 16Mt D Firmware Fx3Uc 32Mt D Firmware Fx3Uc 64Mt D Firmware Fx3Uc 96Mt D Firmware Fx3Uc 16Mt Dss Firmware Fx3Uc 32Mt Dss Firmware Fx3Uc 64Mt Dss Firmware Fx3Uc 96Mt Dss Firmware Fx3Uc 16Mr D T Firmware Fx3Uc 16Mr Ds T Firmware Fx3Uc 32Mt Lt Firmware Fx3Uc 32Mt Lt 2 Firmware Fx3Uc 16Mt D P4 Firmware Fx3Uc 16Mt Dss P4 Firmware Fx3G 14Mt Es Firmware Fx3G 24Mt Es Firmware Fx3G 40Mt Es Firmware Fx3G 60Mt Es Firmware Fx3G 14Mr Es Firmware Fx3G 24Mr Es Firmware Fx3G 40Mr Es Firmware Fx3G 60Mr Es Firmware Fx3G 14Mt Ess Firmware Fx3G 24Mt Ess Firmware Fx3G 40Mt Ess Firmware Fx3G 60Mt Ess Firmware Fx3G 14Mt Ds Firmware Fx3G 24Mt Ds Firmware Fx3G 40Mt Ds Firmware Fx3G 60Mt Ds Firmware Fx3G 14Mr Ds Firmware Fx3G 24Mr Ds Firmware Fx3G 40Mr Ds Firmware Fx3G 60Mr Ds Firmware Fx3G 14Mt Dss Firmware Fx3G 24Mt Dss Firmware Fx3G 40Mt Dss Firmware Fx3G 60Mt Dss Firmware Fx3G 14Mt Es A Firmware Fx3G 24Mt Es A Firmware Fx3G 40Mt Es A Firmware Fx3G 60Mt Es A Firmware Fx3G 14Mr Es A Firmware Fx3G 24Mr Es A Firmware Fx3G 40Mr Es A Firmware Fx3G 60Mr Es A Firmware Fx3Gc 32Mt D Firmware Fx3Gc 32Mt Dss Firmware Fx3Ge 24Mt Es Firmware Fx3Ge 40Mt Es Firmware Fx3Ge 24Mr Es Firmware Fx3Ge 40Mr Es Firmware Fx3Ge 24Mt Ess Firmware Fx3Ge 40Mt Ess Firmware Fx3Ge 24Mt Ds Firmware Fx3Ge 40Mt Ds Firmware Fx3Ge 24Mr Ds Firmware Fx3Ge 40Mr Ds Firmware Fx3Ge 24Mt Dss Firmware Fx3Ge 40Mt Dss Firmware Fx3Ga 24Mt Cm Firmware Fx3Ga 40Mt Cm Firmware Fx3Ga 60Mt Cm Firmware Fx3Ga 24Mr Cm Firmware Fx3Ga 40Mr Cm Firmware Fx3Ga 60Mr Cm Firmware Fx3S 10Mt Es Firmware Fx3S 14Mt Es Firmware Fx3S 20Mt Es Firmware Fx3S 30Mt Es Firmware Fx3S 10Mr Es Firmware Fx3S 14Mr Es Firmware Fx3S 20Mr Es Firmware Fx3S 30Mr Es Firmware Fx3S 10Mt Ess Firmware Fx3S 14Mt Ess Firmware Fx3S 20Mt Ess Firmware Fx3S 30Mt Ess Firmware Fx3S 10Mt Ds Firmware Fx3S 14Mt Ds Firmware Fx3S 20Mt Ds Firmware Fx3S 30Mt Ds Firmware Fx3S 10Mr Ds Firmware Fx3S 14Mr Ds Firmware Fx3S 20Mr Ds Firmware Fx3S 30Mr Ds Firmware Fx3S 10Mt Dss Firmware Fx3S 14Mt Dss Firmware Fx3S 20Mt Dss Firmware Fx3S 30Mt Dss Firmware Fx3S 30Mt Es 2Ad Firmware Fx3S 30Mr Es 2Ad Firmware Fx3S 30Mt Ess 2Ad Firmware Fx3Sa 10Mt Cm Firmware Fx3Sa 14Mt Cm Firmware Fx3Sa 20Mt Cm Firmware Fx3Sa 30Mt Cm Firmware Fx3Sa 10Mr Cm Firmware Fx3Sa 14Mr Cm Firmware Fx3Sa 20Mr Cm Firmware Fx3Sa 30Mr Cm Firmware Fx5U 32Mt Es Firmware Fx5U 64Mt Es Firmware Fx5U 80Mt Es Firmware Fx5U 32Mr Es Firmware Fx5U 64Mr Es Firmware Fx5U 80Mr Es Firmware Fx5U 32Mt Ds Firmware Fx5U 64Mt Ds Firmware Fx5U 80Mt Ds Firmware Fx5U 32Mr Ds Firmware Fx5U 64Mr Ds Firmware Fx5U 80Mr Ds Firmware Fx5U 32Mt Ess Firmware Fx5U 64Mt Ess Firmware Fx5U 80Mt Ess Firmware Fx5U 32Mt Dss Firmware Fx5U 64Mt Dss Firmware Fx5U 80Mt Dss Firmware Fx5Uc 32Mt D Firmware Fx5Uc 64Mt D Firmware Fx5Uc 96Mt D Firmware Fx5Uc 32Mt Dss Firmware Fx5Uc 64Mt Dss Firmware Fx5Uc 96Mt Dss Firmware Fx5Uc 32Mt Ds Ts Firmware Fx5Uc 32Mt Dss Ts Firmware Fx5Uc 32Mr Ds Ts Firmware Fx5Uj 24Mt Es Firmware Fx5Uj 40Mt Es Firmware Fx5Uj 60Mt Es Firmware Fx5Uj 24Mr Es Firmware Fx5Uj 40Mr Es Firmware Fx5Uj 60Mr Es Firmware Fx5Uj 24Mt Ess Firmware Fx5Uj 40Mt Ess Firmware Fx5Uj 60Mt Ess Firmware Fx5Uj 24Mt Ds Firmware Fx5Uj 40Mt Ds Firmware Fx5Uj 60Mt Ds Firmware Fx5Uj 24Mr Ds Firmware Fx5Uj 40Mr Ds Firmware Fx5Uj 60Mr Ds Firmware Fx5Uj 24Mt Dss Firmware Fx5Uj 40Mt Dss Firmware Fx5Uj 60Mt Dss Firmware Fx5Uj 24Mt Es A Firmware Fx5Uj 40Mt Es A Firmware Fx5Uj 60Mt Es A Firmware Fx5Uj 24Mr Es A Firmware Fx5Uj 40Mr Es A Firmware Fx5Uj 60Mr Es A Firmware Fx5S 30Mt Es Firmware Fx5S 40Mt Es Firmware Fx5S 60Mt Es Firmware Fx5S 80Mt Es Firmware Fx5S 30Mr Es Firmware Fx5S 40Mr Es Firmware Fx5S 60Mr Es Firmware Fx5S 80Mr Es Firmware Fx5S 30Mt Ess Firmware Fx5S 40Mt Ess Firmware Fx5S 60Mt Ess Firmware Fx5S 80Mt Ess Firmware
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 06, 2023 - 06:15 nvd
CRITICAL 9.1

DescriptionNVD

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely.

AnalysisAI

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely. Affected products include: Mitsubishielectric Fx3U-32Mt\/Es Firmware, Mitsubishielectric Fx3U-48Mt\/Es Firmware, Mitsubishielectric Fx3U-64Mt\/Es Firmware, Mitsubishielectric Fx3U-80Mt\/Es Firmware, Mitsubishielectric Fx3U-128Mt\/E Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Require authentication for all sensitive operations, implement defense in depth.

Share

CVE-2023-4699 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy