Vulnerabilities > CVE-2015-3938 - Resource Management Errors vulnerability in Mitsubishi Electric Melsec Fx3G

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

mitsubishi-electric

CWE-399

NVD

Published: 2015-10-06

Updated: 2015-10-06

Summary

The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices before April 2015 allows remote attackers to cause a denial of service (device outage) via a long parameter.

Vulnerable Configurations

Part	Description	Count
Hardware	Mitsubishi_Electric Mitsubishi Electric Melsec Fx3G -	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Packetstorm

data source	https://packetstormsecurity.com/files/download/133780/mitsubishimelsec-dos.txt
id	PACKETSTORM:133780
last seen	2016-12-05
published	2015-09-30
reporter	Ralf Spenneberg
source	https://packetstormsecurity.com/files/133780/Mitsubishi-Melsec-FX3G-24M-Denial-Of-Service.html
title	Mitsubishi Melsec FX3G-24M Denial Of Service

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-146-01