FA Products SecurityVulnerability Information
Vulnerability status of Factory Automation Products
Please check here for the latest information on vulnerabilities in our Factory Automation products (Due to posting the link to ICSA information on FA site, there may be a time lag from the time of publication on the Melco's site.)
Mitsubishi Electric's Vulnerability Information
Dispatch date of Information |
AFFECTED PRODUCTS | Title / Detail Information | Remarks | |
---|---|---|---|---|
CVSS Score | 3rd Party Advisory | |||
release:2024/10/22 | ・GENESIS64TM Version 10.97.3 and prior ・MC Works64 All versions |
Information Disclosure, Information Tampering and Denial of Service (DoS) Vulnerability in GENESIS64TM and MC Works64 | ||
7.8 | To be updated | |||
release:2024/10/17 | ・M800V/M80V Series ・M800/M80/E80 Series ・C80 Series ・M700V/M70V/E70 Series ・Software Tools |
Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series | ||
5.9 | ICSA-24-291-03 | |||
update: 2024/10/17 release:2024/07/02 |
・CVE-2023-2650 : GENESIS64TM Version 10.97.2 ・CVE-2023-4807 : GENESIS64TM Version 10.97.2 ・CVE-2024-1182 : GENESIS64TM all versions and MC Works64 all versions ・CVE-2024-1573 : GENESIS64TM Versions 10.97 to 10.97.2 and MC Works64 all versions ・CVE-2024-1574 : GENESIS64TM Versions 10.97 to 10.97.2 and MC Works64 all versions |
Multiple Vulnerabilities in GENESIS64TM and MC Works64 |
<Update history:October 17, 2024> |
|
3.7-7.0 | ICSA-24-184-03 | |||
release:2024/10/01 | FX5-OPC | Denial-of-Service (DoS) Vulnerability due to OpenSSL Vulnerability in MELSEC iQ-F OPC UA Unit | ||
7.5 | ICSA-24-275-02 | |||
update: 2024/09/05 release:2022/12/22 |
MELSEC iQ-R, iQ-L Series and MELIPC Series | Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series |
<Update history:September 5, 2024> <Update history:July 4, 2024> <Update history:May 30, 2024> <Update history:December 12, 2023> <Update history:July 13, 2023> |
|
7.5 | ICSA-22-356-03 | |||
update: 2024/09/05 release:2020/10/29 |
MELSEC iQ-R, Q and L Series | Denial-of-Service Vulnerability in Ethernet Port on CPU Module of MELSEC iQ-R, Q and L Series |
<Update history:September 5, 2024> <Update history:December 19, 2023> <Update history:March 29, 2022> <Update history:January 13, 2022> <Update history:May 18, 2021> |
|
7.5 | ICSA-20-303-01 | |||
update: 2024/08/22 release:2020/10/08 |
MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series Ethernet Port |
<Update history:August 22, 2024> <Update history:May 18, 2021> <Update history:February 18, 2021> <Update history:October 26, 2020> |
|
8.6 | ICSA-20-282-02 | |||
release:2024/07/18 | MELSOFT MaiLab ・SW1DND-MAILAB-M ・SW1DND-MAILABPR-M |
Denial-of-Service (DoS) Vulnerability due to OpenSSL Vulnerability in MELSOFT MaiLab | ||
5.9 | ICSA-24-200-01 | |||
release:2024/07/04 | MELIPC Series MI5122-VW Firmware versions "05" to "07" |
Malicious Code Execution Vulnerability in MELIPC Series MI5122-VW |
||
8.8 | ICSA-24-191-02 | |||
update: 2024/07/04 release:2023/09/19 |
GX Works3, all versions | Malicious Code Execution Vulnerability in FA Engineering Software Products |
<Update history:July 4, 2024> |
|
9.3 | ICSA-23-269-03 | |||
update: 2024/06/21 release:2024/02/20 |
・Wire-cut EDM MV/MP/MX Series ・Sinker EDM SV-P/SG Series |
Remote Code Execution Vulnerability due to Microsoft Message Queuing in Electrical Discharge Machines |
<Update history:June 21, 2024> <Update history:April 23, 2024> |
|
9.8 | ICSA-24-051-03 | |||
update:2024/06/13 release:2024/03/14 |
MELSEC-Q Series MELSEC-L Series |
Information Disclosure and Remote Code Execution Vulnerabilities in MELSEC-Q/L Series CPU Module |
<Update history:June 13, 2024> <Update history:May 16, 2024> |
|
9.8 | ICSA-24-074-14 | |||
update: 2024/06/13 release:2020/08/31 |
TCP Protocol Stack | Impact of Impersonation Vulnerability in TCP Protocol Stack |
<Update history:June 13, 2024> <Update history:June 29, 2023> <Update history:September 22, 2022> <Update history:May 24, 2022> <Update history:August 24, 2021> <Update history:May 18, 2021> <Update history:February 18, 2021> <Update history:January 26, 2021> <Update history:September 24, 2020> |
|
7.3 | ICSA-20-245-01 | |||
release:2024/06/04 | CC-Link IE TSN Industrial Managed Switch ・NZ2MHG-TSNT8F2 ・NZ2MHG-TSNT4 |
Denial-of-Service (DoS) Vulnerability due to OpenSSL Vulnerability in CC-Link IE TSN Industrial Managed Switch | ||
2.7 | ICSA-24-158-03 | |||
update: 2024/06/04 release:2023/10/05 |
CC-Link IE TSN Industrial Managed Switch ・NZ2MHG-TSNT8F2 ・NZ2MHG-TSNT4 |
Information Disclosure Vulnerability and Denial-of-Service (DoS) Vulnerability due to OpenSSL Vulnerabilities in CC-Link IE TSN Industrial Managed Switch |
<Update history:June 4, 2024> |
|
5.9-6.5 | ICSA-23-278-03 | |||
update: 2024/05/30 release:2022/06/14 |
MELSEC iQ-R, Q and L Series MELIPC Series |
Denial-of-Service Vulnerability in Ethernet Port of MELSEC and MELIPC Series |
<Update history:May 30, 2024> <Update history:July 27, 2023> <Update history:August 16, 2022> |
|
7.5 | ICSA-22-172-01 | |||
update:2024/05/16 release:2024/02/13 |
・MELSEC iQ-R Series Safety CPU ・MELSEC iQ-R Series SIL2 Process CPU |
Information Disclosure Vulnerability in MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Module |
<Update history:May 16, 2024> |
|
6.5 | ICSA-24-044-01 | |||
release:2024/05/14 | GX Work3 | Multiple Vulnerabilities due to Vulnerabilities in Jungo's WinDriver in Multiple FA Engineering Software Products | ||
4.4-6.0 | ICSA-24-135-04 | |||
update:2024/04/25 release:2023/06/01 |
MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 EtherNet/IP configuration tool MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP EtherNet/IP configuration tool |
Multiple Vulnerabilities in MELSEC iQ-R Series/iQ-F Series EtherNet/IP Modules and EtherNet/IP Configuration tool |
<Update history:April 25, 2024> |
|
6.2-7.5 | ICSA-23-157-02 | |||
update:2024/04/25 release:2023/05/23 |
MELSEC iQ-F Series MELSEC iQ-R Series |
Denial-of-Service and Malicious Code Execution Vulnerability in MELSEC Series CPU module |
<Update history:April 25, 2024> <Update history:March 14, 2024> <Update history:September 12, 2023> <Update history:July 6, 2023> |
|
10 | ICSA-23-143-03 | |||
update: 2024/04/18 release:2021/12/16 |
MELSEC Series | Multiple Denial of Service (DoS) Vulnerabilities in TCP/IP Protocol Stack of MELSEC Series Remote I/O |
<Update history:April 18, 2024> |
|
7.5 | ICSA-21-217-01 | |||
update: 2024/04/18 release:2021/08/06 |
MELSEC iQ-R Series | Authorization Bypass vulnerability in MELSEC iQ-R Series Safety CPU/SIL2 Process CPU Module |
<Update history:April 18, 2024> <Update history:October 13, 2022> <Update history:October 13, 2021> <Update history:October 12, 2021> |
|
9.1 | ICSA-21-287-03 | |||
update: 2024/04/18 release:2021/08/05 |
MELSEC iQ-R Series | Information disclosure vulnerability in MELSEC iQ-R Series CPU Module |
<Update history:April 18, 2024> <Update history:October 13, 2022> |
|
5.9 | ICSA-21-250-01 | |||
update: 2024/04/18 release:2021/08/05 |
MELSEC iQ-R Series | Unauthorized login vulnerability in MELSEC iQ-R Series CPU Module |
<Update history:April 18, 2024> <Update history:October 13, 2022> |
|
7.4 | ICSA-21-250-01 | |||
release:2024/02/27 | MELSEC iQ-F Series | Denial-of-Service Vulnerability in Ethernet function of multiple FA products | ||
5.3 | ICSA-24-058-01 | |||
update:2024/02/15 release:2023/11/02 |
MELSEC iQ-F Series F | Denial-of-Service(DoS) Vulnerability in Web server function on MELSEC Series CPU module |
<Update history:February 15, 2024> |
|
5.3 | ICSA-23-306-02 | |||
release:2024/01/30 | ・EZSocket 3.0 and later ・FR Configurator2 All versions ・GT Designer3 Version1(GOT1000) All versions ・GT Designer3 Version1(GOT2000) All versions ・GX Works2 1.11M and later ・GX Works3 All versions ・MELSOFT Navigator 1.04E and later ・MT Works2 All versions ・MX Component 4.00A and later ・MX OPC Server DA/UA (Software packaged with MC Works64) All versions |
Authentication Bypass Vulnerability and Remote Code Execution Vulnerability in Multiple FA Engineering Software Products | ||
7.5-9.8 | ICSA-24-030-02 | |||
release:2024/01/30 | MELSEC WS Series | Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module | ||
5.9 | ICSA-24-030-03 | |||
update: 2024/01/30 release:2023/07/27 |
M800V/M80V Series M800/M80/E80 Series C80 M700V/M70V/E70 Series IoT Unit |
Denial of Service (DoS) and Malicious Code Execution Vulnerability in MITSUBISHI CNC Series |
<Update history:January 30, 2024> <Update history:December 5, 2023> <Update history:November 21, 2023> <Update history:October 31, 2023> <Update history:August 3, 2023> |
|
9.8 | ICSA-23-208-03 | |||
release:2023/12/21 | GT SoftGOT2000 OPC UA data collector MX OPC Server UA (Software packaged with MC Works64) OPC UA server unit FX5-OPC |
Multiple Vulnerabilities due to OpenSSL Vulnerabilities in multiple FA products | ||
5.9-7.5 | icsa-24-004-02 | |||
update: 2023/12/12 release:2022/11/24 |
GX Works3, MX OPC UA Module Configurator-R | Multiple Vulnerabilities in Multiple FA Engineering Software |
<Update history:December 12, 2023> <Update history:June 29, 2023> <Update history:May 30, 2023> |
|
3.7-9.1 | ICSA-22-333-05 | |||
release:2023/12/07 | MELIPC Series MELSEC iQ-R Series MELSEC Q Series |
Multiple Vulnerabilities in Multiple FA Engineering Software | ||
2.5-5.3 | ICSA-23-341-01 | |||
release:2023/11/30 | GX Works3 All versions MELSOFT iQ AppPortal All versions MELSOFT Navigator All versions Motion Control Setting (*1) All versions |
Malicious Code Execution Vulnerability in Multiple FA Engineering Software Products | ||
7.8 | ICSA-23-334-04 | |||
release:2023/11/21 | GX Works2, all versions | Denial-of-Service (DoS) Vulnerabilities in simulation function of GX Works2 | ||
2.9 | ICSA-23-331-03 | |||
update: 2023/11/16 release:2022/12/13 |
GENESIS64TM : Version 10.97 to 10.97.2 | Information Tampering Vulnerability in the project management function of GENESIS64TM |
<Update history:November 16, 2023> <Update history:August 3, 2023> <Update history:February 9, 2023> <Update history:December 27, 2022> |
|
6.3 | ICSA-22-347-01 | |||
update: 2023/11/09 release:2021/11/30 |
MELSEC and MELIPC Series | Multiple Denial-of-Service Vulnerabilities in Ethernet port of MELSEC and MELIPC Series |
<Update history:November 9, 2023> <Update history:April 24, 2023> <Update history:November 24, 2022> <Update history:July 26, 2022> <Update history:May 31, 2022> <Update history:April 26, 2022> <Update history:January 27, 2022> |
|
7.5 | ICSA-21-334-02 | |||
release:2023/11/02 | MELSEC-F series MELSEC iQ-F series |
Denial-of-Service(DoS) Vulnerability in MELSEC Series | ||
9.1 | ICSA-23-306-03 | |||
release:2023/10/12 | MELSEC-F series | Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module |
||
9.1 | ICSA-23-285-13 | |||
update: 2023/08/30 release:2023/03/07 |
GENESIS64 Version 10.97.2 | Multiple Denial-of-Service (DoS) Vulnerabilities in the BACnet® secure connect function of GENESIS64TM |
<Update history:August 30, 2023> |
|
5.9 | VU#794340 | |||
update: 2023/08/22 release:2023/05/18 |
MELSEC WS Series | Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module |
<Update history:August 22, 2023> |
|
7.5 | ICSA-23-138-02 | |||
release:2023/08/17 | GENESIS64TM Version 10.97.2 | Multiple Vulnerabilities due to OpenSSL Vulnerabilities in the BACnet® secure connect function of GENESIS64TM | ||
4.4-5.9 | ICSA-23-229-01 | |||
release:2023/08/03 | GT Designer3, GOT2000 Series, GOT SIMPLE Series and GT SoftGOT2000 | Information Disclosure Vulnerability in Data Transfer Security Function on GT Designer3, GOT2000 Series, GOT SIMPLE Series and GT SoftGOT2000 | ||
7.5 | ICSA-23-215-02 | |||
release:2023/08/03 | GOT2000 Series and GOT SIMPLE Series | Denial-of-Service (DoS) and Spoofing Vulnerability in FTP Server Function on GOT2000 Series and GOT SIMPLE Series | ||
5.9 | ICSA-23-215-01 | |||
update: 2023/08/03 release:2022/07/19 |
GENESIS64TM and MC Works64 | Multiple Vulnerabilities in GENESIS64TM and MC Works64 |
<Update history:August 3, 2023> <Update history:February 9, 2023> <Update history:December 15, 2022> <Update history:September 30, 2022> <Update history:August 30, 2022> |
|
7.5-9.8 | ICSA-22-202-04 | |||
release:2023/06/29 | MELSEC-F series | Authentication Bypass Vulnerability in MELSEC-F Series main module | ||
7.5 | ICSA-23-180-04 | |||
update: 2023/06/20 release:2023/03/02 |
MELSEC iQ-F Series MELSEC iQ-R Series MELSEC-Q Series MELSEC-L Series |
Information Disclosure Vulnerability in MELSEC Series |
<Update history:June 20, 2023> |
|
7.5 | ICSA-23-061-01 | |||
release:2023/04/27 | MELIPC, MELSEC iQ-R and MELSEC Q Series | Multiple vulnerabilities due to Intel products in multiple FA products(April 2023) | ||
8.8 | ICSA-23-122-01 | |||
update: 2023/04/18 release:2023/01/17 |
MELSEC iQ-F/MELSEC iQ-R Series | Authorization Bypass Vulnerability in WEB Server Function on MELSEC |
<Update history:April 18, 2023> <Update history:February 28, 2023> <Update history:January 26, 2023> |
|
5.9 | ICSA-23-017-02 | |||
update: 2023/04/11 release:2020/07/30 |
FA Engineering Software Products | Malicious Code Execution Vulnerability in Multiple FA Engineering Software Products |
<Update history:April 11, 2023> <Update history:March 2, 2023> <Update history:November 17, 2022> <Update history:July 28, 2022> <Update history:May 24, 2022> <Update history:February 8, 2022> <Update history:November 16, 2021> <Update history:July 27, 2021> <Update history:May 27, 2021> <Update history:January 14, 2021> <Update history:November 5, 2020> |
|
8.3 | ICSA-20-212-04 | |||
update: 2023/02/28 release:2022/05/17 |
MELSEC iQ-F Series | Multiple Denial-of-Service Vulnerabilities in MELSEC iQ-F Series CPU module |
<Update history:February 28 ,2023> <Update history:May 31, 2022> |
|
5.3-8.6 | ICSA-22-139-01 | |||
release:2023/02/21 | MELSOFT iQ AppPortal | HTTP Request Smuggling Vulnerability and IP Address Authentication Bypass Vulnerability in MELSOFT iQ AppPortal | ||
9.8 | ICSA-23-052-01 | |||
release:2023/02/02 | GOT2000 Series and GT SoftGOT2000 | Leading users to unintended operation Vulnerability and Information Disclosure and Spoofing Vulnerability in GOT Mobile Function on GOT2000 Series and GT SoftGOT2000 | ||
6.1-6.8 | ICSA-23-033-02 | |||
update: 2023/01/31 release:2022/08/02 |
FA Products | Denial-of-Service (DoS) Vulnerability and Arbitrary Command Execution Vulnerability due to OpenSSL Vulnerabilities in Multiple FA Products |
<Update history:January 31, 2023> <Update history:November 1, 2022> <Update history:August 30, 2022> <Update history:August 18, 2022> |
|
7.5-9.8 | ICSA-22-221-01 | |||
release:2023/01/26 | MELFA SD/SQ series and F-series | Authentication Bypass Vulnerability in Robot Controller of MELFA SD/SQ series and F-series | ||
7.5 | ICSA-23-026-05 | |||
release:2022/11/29 | MELSEC iQ-R Series RJ71EN71, R04/08/16/32/120ENCPU(Network Part) | Denial of Service (DoS) Vulnerability in MELSEC iQ-R Series Ethernet Interface Module | ||
8.6 | ICSA-22-335-01 | |||
release:2022/11/24 | GOT2000 Series GT27 mode,GT25 mode, GT23 mode | Denial-of-Service (DoS) Vulnerability in FTP Server Function on GOT2000 Series | ||
5.3 | ICSA-22-333-01 | |||
update: 2022/11/17 release:2021/02/18 |
FA Engineering Software Products | Multiple Denial-of-Service Vulnerabilities in Multiple FA Engineering Software Products |
<Update history:November 17, 2022> <Update history:July 28, 2022> <Update history:May 24, 2022> <Update history:February 8, 2022> <Update history:November 16, 2021> <Update history:July 27, 2021> <Update history:May 27, 2021> |
|
7.5 | ICSA-21-049-02 | |||
release:2022/11/15 | GT SoftGOT2000 | Arbitrary Command Execution Vulnerability due to OpenSSL Vulnerability in GT SoftGOT2000 | ||
9.8 | ICSA-22-319-01 | |||
update: 2022/09/22 release:2020/07/30 |
FA Engineering Software Products | Vulnerability due to Improper File Access Control in Multiple FA Engineering Software Products |
<Update history:September 22, 2022> <Update history:July 28, 2022> <Update history:May 24, 2022> <Update history:December 17, 2020> |
|
8.3 | ICSA-20-212-02 | |||
update: 2022/07/28 release:2021/12/16 |
FA Engineering Software | Multiple Denial-of-Service Vulnerabilities in Multiple FA Engineering Software |
<Update history:July 28, 2022> <Update history:June 30, 2022> |
|
5.5 | ICSA-21-350-05 | |||
update: 2022/07/28 release:2020/07/30 |
FA Products | Malicious Code Execution Vulnerability in Multiple FA Products |
<Update history:July 28, 2022> <Update history:May 27, 2022> <Update history:January 14, 2021> |
|
8.3 | ICSA-20-212-03 | |||
update: 2022/07/07 release:2021/10/27 |
MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series C Controller Module |
<Update history:July 7, 2022> <Update history:October 28, 2021> |
|
6.8 | ICSA-21-280-04 | |||
release:2022/06/02 | MELSEC-Q/L Series and MELSEC iQ-R Series | Denial of Service(DoS) and Remote Code Execution Vulnerability in MELSEC-Q/L Series Ethernet Interface Module and MELSEC iQ-R Series MES Interface Module | ||
8.1 | ICSA-22-165-03 | |||
update: 2022/05/31 release:2022/03/31 |
iQ-F Series | Authentication Bypass, Information Disclosure and Information Tampering Vulnerabilities in Multiple FA Products |
<Update history:May 31, 2022> |
|
5.9-7.4 | ICSA-22-090-04 | |||
release:2022/05/12 | MELSOFT iQ AppPortal | Multiple vulnerabilities in MELSOFT iQ AppPortal | ||
5.5-9.8 | ICSA-22-132-02 | |||
release:2022/05/10 | MELSOFT GT OPC UA Client | Information Disclosure and Denial-of-Service (DoS) Vulnerabilities due to OpenSSL vulnerabilities on MELSOFT GT OPC UA Client | ||
7.4-7.5 | ICSA-22-130-06 | |||
update: 2022/05/10 release:2021/09/02 |
GOT | Multiple vulnerabilities in Wireless Communication Standards IEEE 802.11 (Frag Attacks) |
<Update history:May 10, 2022> <Update history:March 22, 2022> |
|
2.6-7.5 | ICSA-22-102-04 | |||
release:2022/04/07 | MELSEC-Q Series | Denial of Service(DoS) and Malicious Code Execution Vulnerability in DHCP client function on MELSEC-Q Series C Controller Module | ||
9.0 | ICSA-22-102-02 | |||
update: 2022/04/07 release:2021/09/06 |
[Withdraw]Multiple Denial of Service (DoS) Vulnerabilities in TCP/IP Protocol Stack of GOT and Tension Controller |
<Update history:April 7, 2022> <Update history:October 5, 2021> |
||
ICSA-21-278-01 | ||||
release:2022/03/29 | CC-Link IE TSN Configurator | Impact of multiple vulnerabilities in Apache Log4j (Log4shell) | ||
5.9-10.0 | Apache Log4j Vulnerability Guidance | |||
release:2022/02/15 | Energy Saving Data Collecting Server (EcoWebServerIII) | Multiple Vulnerabilities in web functions of Energy Saving Data Collecting Server (EcoWebServerIII) | ||
6.1 7.5 |
- | |||
release:2022/01/20 | GENESIS64 and MC Works64 | Denial of Service (DoS) Vulnerability in database server of GENESIS64 and MC Works64 | ||
5.9 | ICSA-22-020-01 | |||
release:2022/01/20 | GENESIS64 and MC Works64 | Information Disclosure Vulnerability in GENESIS64 and MC Works64 | ||
7.7 | ICSA-22-020-01 | |||
release:2022/01/20 | GENESIS64 and MC Works64 | Authentication Bypass Vulnerability in Web communication function on GENESIS64 and MC Works64 | ||
9.8 | ICSA-22-020-01 | |||
release:2022/01/20 | MC Works64 | Information Disclosure Vulnerability in MC Works64 mobile monitoring | ||
4.2 | ICSA-22-020-01 | |||
update: 2022/01/20 release:2021/05/11 |
GOT and Tension Controller | Denial-of-Service (DoS) Vulnerability in MODBUS/TCP slave communication function on GOT and Tension Controller |
<Update history:January 20, 2022> |
|
5.9 | ICSA-21-131-02 | |||
update: 2022/01/20 release:2020/12/03 |
GOT and Tension Controller | Denial-of-Service Vulnerability in TCP/IP Stack of GOT and Tension Controller |
<Update history:January 20, 2022> <Update history:May 11, 2021> |
|
7.5 | ICSA-20-343-02 | |||
release:2022/01/13 | MELSEC-F Series | Denial of Service (DoS) Vulnerability in MELSEC-F Series Ethernet interface block | ||
7.5 |
ICSA-22-013-01 ICSA-22-013-07 |
|||
release:2022/01/13 | MELSEC-F Series | Denial of Service (DoS) and potential unspecified Vulnerability in MELSEC-F Series Ethernet interface block | ||
7.5 |
ICSA-22-013-01 ICSA-22-013-07 |
|||
release:2021/12/16 | GX Works2 | Denial-of-Service (DoS) Vulnerability in GX Works2 | ||
5.3 | ICSA-21-350-04 | |||
update: 2021/12/16 release:2020/11/19 |
MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series Ethernet Port |
<Update history:December 16, 2021> <Update history:September 14, 2021> <Update history:May 18, 2021> |
|
7.5 | ICSA-20-324-05 | |||
release:2021/11/16 | GOT2000 series,GOT SIMPLE series and GT SoftGOT2000 | Information Tampering Vulnerability in GOT2000 series,GOT SIMPLE series and GT SoftGOT2000 | ||
7.5 | ICSA-21-320-02 | |||
update: 2021/11/25 release:2021/10/21 |
GENESIS64 and MC Works64 | Arbitrary code execution vulnerablity in AutoCAD (DWG) file import function of GENESIS64 and MC Works64 |
<Update history:November 25, 2021> |
|
7.8 | ICSA-21-294-01 | |||
release:2021/10/12 | GENESIS64 and MC Works64 | Denial of Service (DoS) Vulnerability in OPC UA communication function of GENESIS64 and MC Works64 | ||
7.5 | ICSA-21-294-03 | |||
release:2021/08/05 | MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series CPU Module | ||
3.7 | ICSA-21-250-01 | |||
release:2021/07/27 | GOT | Denial-of-Service (DoS) Vulnerability in MODBUS/TCP slave communication function on GOT | ||
5.9 | ICSA-21-208-02 | |||
update: 2021/07/27 release:2021/04/22 |
GOT | Password authentication bypass vulnerability in VNC function of GOT |
<Update history:July 27, 2021> |
|
5.9 | ICSA-21-112-02 | |||
release:2021/07/20 | MELSEC-F Series | Denial of Service (DoS) Vulnerability in MELSEC-F Series Ethernet interface block | ||
7.5 | ICSA-21-201-01 | |||
update:2021/06/17 release:2021/02/16 |
MELSOFT FieldDeviceConfigurator | Arbitrary code execution vulnerability in MELSOFT FieldDeviceConfigurator product |
<Update history:June 17, 2021> |
|
7.3 | ICSA-21-021-05 | |||
update: 2021/06/14 release:2020/06/18 |
MC Works 64 and MC Works 32 | Denial of Service vulnerability and Remote Code Execution vulnerability in MC Works 64 and MC Works 32 |
<Update history:June 14, 2021> <Update history:January 14, 2021> <Update history:December 8, 2020> <Update history:September 9, 2020> |
|
7.5 - 9.8 | ICSA-20-170-02 | |||
release:2021/05/27 | MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSOFT Transmission Port (TCP/IP) | ||
5.3 | ICSA-21-147-05 | |||
update: 2021/05/18 release:2021/01/21 |
MELFA FR,CR Series and ASSISTA | Denial-of-Service Vulnerability in Robot Controller of MELFA FR Series and CR Series as well as ASSISTA |
<Update history:May 18, 2021> |
|
7.5 | ICSA-21-021-04 | |||
update: 2021/04/20 release:2020/06/09 |
MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series Ethernet Port |
<Update history:April 20, 2021> <Update history:November 5, 2020> |
|
5.3 | ICSA-20-161-02 | |||
release:2020/12/10 | MELSEC iQ-F Series | Denial-of-Service Vulnerability in Ethernet Port on CPU Module of MELSEC iQ-F Series | ||
7.4 | ICSA-20-345-01 | |||
release:2020/11/12 | MELSEC iQ-R Series | Denial-of-Service Vulnerability in MELSEC iQ-R Series CPU Modules | ||
6.8 | ICSA-20-317-01 | |||
release:2020/11/05 | GOT1000 Series | Multiple vulnerabilities in TCP/IP Stack on GT14 Model of GOT1000 Series | ||
5.3 - 9.8 | ICSA-20-310-02 | |||
release:2020/10/29 | MELSEC iQ-R Series | Multiple Vulnerabilities in TCP/IP stack on MELSEC iQ-R Series Information/Network Module | ||
5.3 - 9.8 | ICSA-20-303-02 | |||
release:2020/07/03 | GOT2000 Series | Multiple vulnerabilities in TCP/IP Stack on GOT2000 Series | ||
5.3 - 9.8 | ICSA-20-189-02 | |||
release:2020/06/30 | FA Engineering Software Products | Multiple Vulnerabilities Due to Improper Handling of XML in Multiple FA Engineering Software Products | ||
7.5 | ICSA-20-182-02 | |||
release:2020/06/23 | MELSEC iQ-R, iQ-F, Q, L and FX series | Vulnerability of Information Disclosure, Information Tampering, Unauthorized Operation and Denial-of-Service (DoS) between MELSEC iQ-R, iQ-F, Q, L and FX series CPU modules and GX Works3/GX Works2 | ||
10.0 | ICSA-20-175-01 | |||
release:2020/03/30 | MELSOFT | Remote Access Vulnerability in MELSOFT Transmission Port (UDP/IP) | ||
5.3 | ICSA-20-091-02 | |||
release:2020/02/14 | MELSEC-Q Series C Controller Module, MELSEC iQ-R Series C Controller Module / C Intelligent Function Module, MELIPC Series MI5000 |
Multiple vulnerabilities in TCP/IP function on MELSEC C Controller Module and MELIPC Series MI5000 | ||
5.3 - 9.8 | JVNVU#95424547 | |||
release:2019/11/07 | MELSEC-Q Series, MELSEC-L Series | Vulnerability of FTP server function on MELSEC Q/L Series CPU modules | ||
7.5 | ICSA-19-311-01 | |||
release:2019/05/21 | MELSEC-Q Series |
Technical News |
||
7.5 | ICSA-19-141-02 | |||
release:2016/12/01 | MELSEC-Q Series |
Technical News FA-A-0230: Vulnerabilities of MELSEC-Q series Ethernet interface modules |
||
8.6 | ICSA-16-336-03 |