Mitsubishi Electric Alert103
Warning Date: 15 September, 2021
Severity Level ● High
Warning Number: 2021-3529
Target Sector: Manufacturing
Mitsubishi Electric has released security updates to address multiple vulnerabilities in the following products:
- R00/01/02CPU firmware Versions 19 and earlier
- R04/08/16/32/120(EN)CPU firmware Versions 51 and earlier
- R08/16/32/120SFCPU firmware Versions 22 and earlier
- R08/16/32/120PCPU firmware Versions 25 and earlier
- R08/16/32/120PSFCPU firmware Versions 06 and earlier
- RJ71EN71 firmware Versions 47 and earlier
- RJ71GF11-T2 firmware Versions 47 and earlier
- RJ72GF15-T2 firmware Versions 07 and earlier
- RJ71GP21-SX firmware Versions 47 and earlier
- RJ71GP21S-SX firmware Versions 47 and earlier
- RJ71C24(-R2/R4) all versions
- RJ71GN11-T2 firmware Versions 11 and earlier
Attackers could exploit these vulnerabilities by conducting Denial of service attack (DoS).
Best practice and Recommendations:
Mitsubishi Electric recommends following the below recommendations:
- Use a firewall or VPN, etc., to prevent unauthorized access when Internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.