Mitsubishi Electric Updates
1799Warning Date
Severity Level
Warning Number
Target Sector
1 August, 2021
● High
2021-3277
Manufacturing
Description:
Mitsubishi Electric has released security updates to address multiple vulnerabilities in the following products:
- CPU Module Logging Configuration Tool
- Versions 1.112R and prior
- CW Configurator
- Versions 1.011M and prior
- Data Transfer
- Versions 3.44W and prior
- FR Configurator2
- Versions 1.24A and prior
- GT Designer3 Version1(GOT1000)
- Versions 1.250L and prior
- GT Designer3 Version1(GOT2000)
- Versions 1.250L and prior
- GT SoftGOT1000 Version3
- Versions 3.245F and prior
- GT SoftGOT2000 Version1
- Versions 1.250L and prior
- GX LogViewer
- Versions 1.115U and prior
- iQ Monozukuri ANDON (Data Transfer)
- all versions
- iQ Monozukuri Process Remote Monitoring (Data Transfer)
- all versions
- PX Developer
- versions 1.53F and prior
- RT ToolBox3
- versions 1.82L and prior
- C Controller module setting and monitoring tool
- all versions
- EZSocket
- all versions
- FR Configurator SW3
- all versions
- FR Configurator2
- all versions
- GX Configurator-DP
- Versions 7.14Q and prior
- GX Configurator-QP
- all versions
- GX Developer
- Versions 8.506C and prior
- MELSOFT Navigator
- Versions 2.74C and prior
- GX Explorer
- all versions
- GX IEC Developer
- all versions
- GX RemoteService-I
- all versions
- GX Works2
- Versions 1.597X and prior
- GX Works3
- Versions 1.070Y and prior
- M_CommDTM-HART
- all versions
- M_CommDTM-IO-Link
- all versions
- MELFA-Works
- all versions
- MELSEC WinCPU Setting Utility
- all versions
- MELSOFT EM Software Development Kit (EM Configurator)
- all versions
- MH11 SettingTool Version2
- all versions
- MI Configurator
- all versions
- MT Works2
- all versions
- MX Component
- all versions
- Network Interface Board CC IE Control utility
- all versions
- Network Interface Board CC IE Field Utility
- all versions
- Network Interface Board CC-Link Ver.2 Utility
- all versions
- Network Interface Board MNETH utility
- all versions
- RT ToolBox2
- all versions
- Setting/monitoring tools for the C Controller module
- all versions
- SLMP Data Collector
- all versions
Threats:
Attackers could exploit these vulnerabilities by triggering a Denial of service attack (DoS).
Best practice and Recommendations:
The CERT team encourages users to review Mitsubishi Electric security advisory: