Multiple vulnerabilities in Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series, EtherNet/IP Modules and EtherNet/IP

Jun 7, 2023 08:00 am Cyber Security 110
Published: 2023-06-07


Risk
Medium
Patch available
NO
Number of vulnerabilities
4
CVE-ID
CVE-2023-2060CVE-2023-2061CVE-2023-2062CVE-2023-2063
CWE-ID
CWE-521CWE-259CWE-549CWE-434
Exploitation vector
Network
Public exploit
N/A
Vulnerable softwareSubscribe
RJ71EIP91Hardware solutions / Routers & switches, VoIP, GSM, etc

SW1DNN-EIPCT-BDHardware solutions / Routers & switches, VoIP, GSM, etc

FX5-ENET/IPHardware solutions / Routers & switches, VoIP, GSM, etc

SW1DNN-EIPCTFX5-BDHardware solutions / Routers & switches, VoIP, GSM, etc


Vendor
Mitsubishi Electric

Security Bulletin


This security bulletin contains information about 4 vulnerabilities.


EUVDB-ID: #VU77046


Risk: Medium


CVSSv3.1:


CVE-ID: CVE-2023-2060


CWE-ID: CWE-521 - Weak Password Requirements


Exploit availability: No


Description

The vulnerability allows a remote attacker to gain access to sensitive information.


The vulnerability exists due to weak password requirements in FTP function on EtherNet/IP module. A remote attacker can access to the module via FTP by dictionary ..

Support the originator by clicking the read the rest link below.

multiple vulnerabilities mitsubishi electric melsec series series ethernet modules ethernet
Read The Rest from the original source
cybersecurity-help.cz

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!