Your review has been sent successfully

Mitsubishi Electric Alert

11919
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

26 September, 2022

● High

2022-5274

Manufacturing

Description:

Mitsubishi Electric has released security updates to address a vulnerability in the following products:

  • QJ71MES96, all versions
  • QJ71WS96, all versions
  • Q06CCPU-V, all versions
  • Q24DHCCPU-V, the first 5 digits of serial number 24031 and prior
  • Q24DHCCPU-VG, the first 5 digits of serial number 24031 and prior
  • R12CCPU-V, Version 13 and prior
  • RD55UP06-V, Version 09 and prior
  • RD55UP12-V, Version 01
  • RJ71GN11-T2, Version 11 and prior
  • RD78Gn(n=4,8,16,32,64), Version 14 and prior
  • RD78GHV, Version 14 and prior
  • RD78GHW, Version 14 and prior
  • NZ2FT-MT, all versions
  • NZ2FT-EIP, all versions
  • Q03UDECPU, the first 5 digits of serial number 22081 and prior
  • QnUDEHCPU(n=04/06/10/13/20/26/50/100), the first 5 digits of serial number 22081 and prior
  • QnUDVCPU(n=03/04/06/13/26), the first 5 digits of serial number 22031 and prior
  • QnUDPVCPU(n=04/06/13/26), the first 5 digits of serial number 22031 and prior
  • LnCPU(-P)(n=02/06/26), the first 5 digits of serial number 22051 and prior
  • L26CPU-(P)BT, the first 5 digits of serial number 22051 and prior
  • RnCPU(n=00/01/02), Version 18 and prior
  • RnCPU(n=04/08/16/32/120), Version 50 and prior
  • RnENCPU(n=04/08/16/32/120), Version 50 and prior
  • RnSFCPU (n=08/16/32/120), Version 22 and prior
  • RnPCPU(n=08/16/32/120), Version 24 and prior
  • RnPSFCPU(n=08/16/32/120), Version 05 and prior
  • FX5U(C)-**M*/**
    • Case1: Serial number 17X**** or later: Version 1.210 and prior
    • Case2: Serial number 179**** and prior: Version 1.070 and prior
  • FX5UC-32M*/**-TS, Version 1.210 and prior
  • FX5UJ-**M*/**, Version 1.000
  • FX5-ENET, Version 1.002 and prior
  • FX5-ENET/IP, Version 1.002 and prior
  • FX3U-ENET-ADP, Version 1.22 and prior
  • FX3GE-**M*/**, the first 3 digits of serial number 20X and prior
  • FX3U-ENET, Version 1.14 and prior
  • FX3U-ENET-L, Version 1.14 and prior
  • FX3U-ENET-P502, Version 1.14 and prior
  • FX5-CCLGN-MS, Version 1.000
  • IU1-1M20-D, all versions
  • LE7-40GU-L, screen package data, version 1.01 and prior
  • GOT2000 Series GT21 Model, Version 01.44.000 and prior
  • GS Series GS21 Model, Version 01.44.000 and prior
  • GOT1000 Series GT14 Model, all versions
  • FR-A800-E Series, production date December 2020 and prior
  • FR-F800-E Series, production date December 2020 and prior
  • FR-A8NCG, Production date August 2020 and prior
  • FR-E800-EPA Series, Production date July 2020 and prior
  • FR-E800-EPB Series, Production date July 2020 and prior
  • Conveyor Tracking Application APR-nTR3FH, APR-nTR6FH, APR-nTR12FH, APR-nTR20FH(n=1,2), all versions (Discontinued product)
  • MR-JE-C, all versions
  • MR-J4-TM, all versions
  • RJ71EN71, Version 48 and prior
  • QJ71E71-100, the first 5 digits of serial number 21092 and prior
  • LJ71E71-100, the first 5 digits of serial number 21092 and prior
  • QJ71MT91, the first 5 digits of serial number 20082 and prior
  • NZ2GACP620-60, Version 1.03D and prior
  • NZ2GACP620-300, Version 1.03D and prior
  • GT25-J71GN13-T2, Version 03 and prior
  • CPU Module Logging Configuration Tool, versions 1.100E and prior
  • CW Configurator, Versions 1.010L and prior
  • Data Transfer, Versions 3.40S and prior
  • EZSocket, Versions 4.5 and prior
  • FR Configurator2, Versions 1.22Y and prior
  • GT Designer3 Version1 (GOT2000), Versions 1.235V and prior 
  • GT SoftGOT1000 Version3, 3.200J and prior
  • GT SoftGOT1000 Version3, all versions
  • GT SoftGOT2000 Version1, Bersions 1.235V and prior
  • GX LogViewer, Versions 1.100E and prior
  • GX Works2, Versions 1.592S and prior
  • GX Works3, Versions 1.063R and prior
  • M_CommDTM-HART, Version 1.00A
  • M_CommDTM-IO-Link, Versions 1.03D and prior
  • MELFA-Works, versions 4.3 and prior
  • MELSEC WinCPU Setting Utility, Versions 1.03D and prior
  • MELSOFT EM Software Development Kit (EM Configurator), Versions 1.010L and prior
  • MELSOFT FieldDeviceConfigurator, Versions 1.03D and prior
  • MELSOFT Navigator, Versions 2.62Q and prior
  • MH11 SettingTool Version2, versions 2.002C and prior
  • MI Configurator, Versions 1.004E and prior
  • Motorizer, Versions 1.005F and prior
  • MR Configurator2, Versions 1.105K and prior
  • MT Works2, Versions 1.156N and prior
  • MX Component, Versions 4.19V and prior
  • Network Interface Board CC IE Control utility, Versions 1.29F and prior
  • Network Interface Board CC IE Field Utility, Versions 1.16S and prior
  • Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
  • Network Interface Board MNETH utility, Versions 34L and prior
  • PX Developer, Versions 1.52E and prior
  • RT ToolBox2, Versions 3.72A and prior
  • RT ToolBox3, Versions 1.70Y and prior 
  • Setting/monitoring tools for the C Controller module (SW4PVC-CCPU), Versions 4.12N and prior
Threats:

An attacker could exploit this vulnerability by executing arbitrary code remotely.

Best practice and Recommendations:

The CERT team encourages users to apply the necessary updates by using the following link:

Last updated at 26 September, 2022

Rate the content

rate-icon
up icon