Mitsubishi Electric Alert
14795Warning Date
Severity Level
Warning Number
Target Sector
26 September, 2022
● High
2022-5274
Manufacturing
Mitsubishi Electric has released security updates to address a vulnerability in the following products:
- QJ71MES96, all versions
- QJ71WS96, all versions
- Q06CCPU-V, all versions
- Q24DHCCPU-V, the first 5 digits of serial number 24031 and prior
- Q24DHCCPU-VG, the first 5 digits of serial number 24031 and prior
- R12CCPU-V, Version 13 and prior
- RD55UP06-V, Version 09 and prior
- RD55UP12-V, Version 01
- RJ71GN11-T2, Version 11 and prior
- RD78Gn(n=4,8,16,32,64), Version 14 and prior
- RD78GHV, Version 14 and prior
- RD78GHW, Version 14 and prior
- NZ2FT-MT, all versions
- NZ2FT-EIP, all versions
- Q03UDECPU, the first 5 digits of serial number 22081 and prior
- QnUDEHCPU(n=04/06/10/13/20/26/50/100), the first 5 digits of serial number 22081 and prior
- QnUDVCPU(n=03/04/06/13/26), the first 5 digits of serial number 22031 and prior
- QnUDPVCPU(n=04/06/13/26), the first 5 digits of serial number 22031 and prior
- LnCPU(-P)(n=02/06/26), the first 5 digits of serial number 22051 and prior
- L26CPU-(P)BT, the first 5 digits of serial number 22051 and prior
- RnCPU(n=00/01/02), Version 18 and prior
- RnCPU(n=04/08/16/32/120), Version 50 and prior
- RnENCPU(n=04/08/16/32/120), Version 50 and prior
- RnSFCPU (n=08/16/32/120), Version 22 and prior
- RnPCPU(n=08/16/32/120), Version 24 and prior
- RnPSFCPU(n=08/16/32/120), Version 05 and prior
- FX5U(C)-**M*/**
- Case1: Serial number 17X**** or later: Version 1.210 and prior
- Case2: Serial number 179**** and prior: Version 1.070 and prior
- FX5UC-32M*/**-TS, Version 1.210 and prior
- FX5UJ-**M*/**, Version 1.000
- FX5-ENET, Version 1.002 and prior
- FX5-ENET/IP, Version 1.002 and prior
- FX3U-ENET-ADP, Version 1.22 and prior
- FX3GE-**M*/**, the first 3 digits of serial number 20X and prior
- FX3U-ENET, Version 1.14 and prior
- FX3U-ENET-L, Version 1.14 and prior
- FX3U-ENET-P502, Version 1.14 and prior
- FX5-CCLGN-MS, Version 1.000
- IU1-1M20-D, all versions
- LE7-40GU-L, screen package data, version 1.01 and prior
- GOT2000 Series GT21 Model, Version 01.44.000 and prior
- GS Series GS21 Model, Version 01.44.000 and prior
- GOT1000 Series GT14 Model, all versions
- FR-A800-E Series, production date December 2020 and prior
- FR-F800-E Series, production date December 2020 and prior
- FR-A8NCG, Production date August 2020 and prior
- FR-E800-EPA Series, Production date July 2020 and prior
- FR-E800-EPB Series, Production date July 2020 and prior
- Conveyor Tracking Application APR-nTR3FH, APR-nTR6FH, APR-nTR12FH, APR-nTR20FH(n=1,2), all versions (Discontinued product)
- MR-JE-C, all versions
- MR-J4-TM, all versions
- RJ71EN71, Version 48 and prior
- QJ71E71-100, the first 5 digits of serial number 21092 and prior
- LJ71E71-100, the first 5 digits of serial number 21092 and prior
- QJ71MT91, the first 5 digits of serial number 20082 and prior
- NZ2GACP620-60, Version 1.03D and prior
- NZ2GACP620-300, Version 1.03D and prior
- GT25-J71GN13-T2, Version 03 and prior
- CPU Module Logging Configuration Tool, versions 1.100E and prior
- CW Configurator, Versions 1.010L and prior
- Data Transfer, Versions 3.40S and prior
- EZSocket, Versions 4.5 and prior
- FR Configurator2, Versions 1.22Y and prior
- GT Designer3 Version1 (GOT2000), Versions 1.235V and prior
- GT SoftGOT1000 Version3, 3.200J and prior
- GT SoftGOT1000 Version3, all versions
- GT SoftGOT2000 Version1, Bersions 1.235V and prior
- GX LogViewer, Versions 1.100E and prior
- GX Works2, Versions 1.592S and prior
- GX Works3, Versions 1.063R and prior
- M_CommDTM-HART, Version 1.00A
- M_CommDTM-IO-Link, Versions 1.03D and prior
- MELFA-Works, versions 4.3 and prior
- MELSEC WinCPU Setting Utility, Versions 1.03D and prior
- MELSOFT EM Software Development Kit (EM Configurator), Versions 1.010L and prior
- MELSOFT FieldDeviceConfigurator, Versions 1.03D and prior
- MELSOFT Navigator, Versions 2.62Q and prior
- MH11 SettingTool Version2, versions 2.002C and prior
- MI Configurator, Versions 1.004E and prior
- Motorizer, Versions 1.005F and prior
- MR Configurator2, Versions 1.105K and prior
- MT Works2, Versions 1.156N and prior
- MX Component, Versions 4.19V and prior
- Network Interface Board CC IE Control utility, Versions 1.29F and prior
- Network Interface Board CC IE Field Utility, Versions 1.16S and prior
- Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
- Network Interface Board MNETH utility, Versions 34L and prior
- PX Developer, Versions 1.52E and prior
- RT ToolBox2, Versions 3.72A and prior
- RT ToolBox3, Versions 1.70Y and prior
- Setting/monitoring tools for the C Controller module (SW4PVC-CCPU), Versions 4.12N and prior
An attacker could exploit this vulnerability by executing arbitrary code remotely.
The CERT team encourages users to apply the necessary updates by using the following link: