Multiple vulnerabilities in Mitsubishi Electric MELSEC-Q/L Series
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2024-0802 CVE-2024-0803 CVE-2024-1915 CVE-2024-1916 CVE-2024-1917 |
| CWE-ID | CWE-468 CWE-190 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
MELSEC-Q Q03UDECPU Hardware solutions / Routers & switches, VoIP, GSM, etc Q04UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 06 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 10 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 13 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 20 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 26 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 50 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 100 UDEHCPU Hardware solutions / Firmware MELSEC iQ-Q 03 UDVCPU Hardware solutions / Firmware MELSEC iQ-Q 04 UDVCPU Hardware solutions / Firmware MELSEC iQ-Q 06 UDVCPU Hardware solutions / Firmware MELSEC iQ-Q 13 UDVCPU Hardware solutions / Firmware MELSEC iQ-Q 26 UDVCPU Hardware solutions / Firmware MELSEC iQ-Q 04 UDPVCPU Hardware solutions / Firmware MELSEC iQ-Q 06 UDPVCPU Hardware solutions / Firmware MELSEC iQ-Q 13 UDPVCPU Hardware solutions / Firmware MELSEC iQ-Q 26 UDPVCPU Hardware solutions / Firmware MELSEC L Series L02CPU(-P) Hardware solutions / Firmware MELSEC L Series L06CPU(-P) Hardware solutions / Firmware MELSEC L Series L26CPU(-P) Hardware solutions / Firmware MELSEC L Series L26CPU-(P)BT Hardware solutions / Firmware |
| Vendor | Mitsubishi Electric |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Incorrect Pointer Scaling
EUVDB-ID: #VU87556
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-0802
CWE-ID:
CWE-468 - Incorrect Pointer Scaling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to incorrect pointer scaling. A remote attacker can send a specially crafted packet and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMELSEC-Q Q03UDECPU: All versions
Q04UDEHCPU: All versions
MELSEC iQ-Q 06 UDEHCPU: All versions
MELSEC iQ-Q 10 UDEHCPU: All versions
MELSEC iQ-Q 13 UDEHCPU: All versions
MELSEC iQ-Q 20 UDEHCPU: All versions
MELSEC iQ-Q 26 UDEHCPU: All versions
MELSEC iQ-Q 50 UDEHCPU: All versions
MELSEC iQ-Q 100 UDEHCPU: All versions
MELSEC iQ-Q 03 UDVCPU: All versions
MELSEC iQ-Q 04 UDVCPU: All versions
MELSEC iQ-Q 06 UDVCPU: All versions
MELSEC iQ-Q 13 UDVCPU: All versions
MELSEC iQ-Q 26 UDVCPU: All versions
MELSEC iQ-Q 04 UDPVCPU: All versions
MELSEC iQ-Q 06 UDPVCPU: All versions
MELSEC iQ-Q 13 UDPVCPU: All versions
MELSEC iQ-Q 26 UDPVCPU: All versions
MELSEC L Series L02CPU(-P): All versions
MELSEC L Series L06CPU(-P): All versions
MELSEC L Series L26CPU(-P): All versions
MELSEC L Series L26CPU-(P)BT: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer overflow
EUVDB-ID: #VU87559
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-0803
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMELSEC-Q Q03UDECPU: All versions
Q04UDEHCPU: All versions
MELSEC iQ-Q 06 UDEHCPU: All versions
MELSEC iQ-Q 10 UDEHCPU: All versions
MELSEC iQ-Q 13 UDEHCPU: All versions
MELSEC iQ-Q 20 UDEHCPU: All versions
MELSEC iQ-Q 26 UDEHCPU: All versions
MELSEC iQ-Q 50 UDEHCPU: All versions
MELSEC iQ-Q 100 UDEHCPU: All versions
MELSEC iQ-Q 03 UDVCPU: All versions
MELSEC iQ-Q 04 UDVCPU: All versions
MELSEC iQ-Q 06 UDVCPU: All versions
MELSEC iQ-Q 13 UDVCPU: All versions
MELSEC iQ-Q 26 UDVCPU: All versions
MELSEC iQ-Q 04 UDPVCPU: All versions
MELSEC iQ-Q 06 UDPVCPU: All versions
MELSEC iQ-Q 13 UDPVCPU: All versions
MELSEC iQ-Q 26 UDPVCPU: All versions
MELSEC L Series L02CPU(-P): All versions
MELSEC L Series L06CPU(-P): All versions
MELSEC L Series L26CPU(-P): All versions
MELSEC L Series L26CPU-(P)BT: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect Pointer Scaling
EUVDB-ID: #VU87561
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-1915
CWE-ID:
CWE-468 - Incorrect Pointer Scaling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to incorrect pointer scaling. A remote attacker can send a specially crafted packet and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMELSEC-Q Q03UDECPU: All versions
Q04UDEHCPU: All versions
MELSEC iQ-Q 06 UDEHCPU: All versions
MELSEC iQ-Q 10 UDEHCPU: All versions
MELSEC iQ-Q 13 UDEHCPU: All versions
MELSEC iQ-Q 20 UDEHCPU: All versions
MELSEC iQ-Q 26 UDEHCPU: All versions
MELSEC iQ-Q 50 UDEHCPU: All versions
MELSEC iQ-Q 100 UDEHCPU: All versions
MELSEC iQ-Q 03 UDVCPU: All versions
MELSEC iQ-Q 04 UDVCPU: All versions
MELSEC iQ-Q 06 UDVCPU: All versions
MELSEC iQ-Q 13 UDVCPU: All versions
MELSEC iQ-Q 26 UDVCPU: All versions
MELSEC iQ-Q 04 UDPVCPU: All versions
MELSEC iQ-Q 06 UDPVCPU: All versions
MELSEC iQ-Q 13 UDPVCPU: All versions
MELSEC iQ-Q 26 UDPVCPU: All versions
MELSEC L Series L02CPU(-P): All versions
MELSEC L Series L06CPU(-P): All versions
MELSEC L Series L26CPU(-P): All versions
MELSEC L Series L26CPU-(P)BT: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Integer overflow
EUVDB-ID: #VU87563
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-1916
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMELSEC-Q Q03UDECPU: All versions
Q04UDEHCPU: All versions
MELSEC iQ-Q 06 UDEHCPU: All versions
MELSEC iQ-Q 10 UDEHCPU: All versions
MELSEC iQ-Q 13 UDEHCPU: All versions
MELSEC iQ-Q 20 UDEHCPU: All versions
MELSEC iQ-Q 26 UDEHCPU: All versions
MELSEC iQ-Q 50 UDEHCPU: All versions
MELSEC iQ-Q 100 UDEHCPU: All versions
MELSEC iQ-Q 03 UDVCPU: All versions
MELSEC iQ-Q 04 UDVCPU: All versions
MELSEC iQ-Q 06 UDVCPU: All versions
MELSEC iQ-Q 13 UDVCPU: All versions
MELSEC iQ-Q 26 UDVCPU: All versions
MELSEC iQ-Q 04 UDPVCPU: All versions
MELSEC iQ-Q 06 UDPVCPU: All versions
MELSEC iQ-Q 13 UDPVCPU: All versions
MELSEC iQ-Q 26 UDPVCPU: All versions
MELSEC L Series L02CPU(-P): All versions
MELSEC L Series L06CPU(-P): All versions
MELSEC L Series L26CPU(-P): All versions
MELSEC L Series L26CPU-(P)BT: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Integer overflow
EUVDB-ID: #VU87564
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-1917
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsMELSEC-Q Q03UDECPU: All versions
Q04UDEHCPU: All versions
MELSEC iQ-Q 06 UDEHCPU: All versions
MELSEC iQ-Q 10 UDEHCPU: All versions
MELSEC iQ-Q 13 UDEHCPU: All versions
MELSEC iQ-Q 20 UDEHCPU: All versions
MELSEC iQ-Q 26 UDEHCPU: All versions
MELSEC iQ-Q 50 UDEHCPU: All versions
MELSEC iQ-Q 100 UDEHCPU: All versions
MELSEC iQ-Q 03 UDVCPU: All versions
MELSEC iQ-Q 04 UDVCPU: All versions
MELSEC iQ-Q 06 UDVCPU: All versions
MELSEC iQ-Q 13 UDVCPU: All versions
MELSEC iQ-Q 26 UDVCPU: All versions
MELSEC iQ-Q 04 UDPVCPU: All versions
MELSEC iQ-Q 06 UDPVCPU: All versions
MELSEC iQ-Q 13 UDPVCPU: All versions
MELSEC iQ-Q 26 UDPVCPU: All versions
MELSEC L Series L02CPU(-P): All versions
MELSEC L Series L06CPU(-P): All versions
MELSEC L Series L26CPU(-P): All versions
MELSEC L Series L26CPU-(P)BT: All versions
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
http://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
