Vulnerabilities > CVE-2020-16226 - Predictable Exact Value from Previous Values vulnerability in Mitsubishielectric products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mitsubishielectric

CWE-342

critical

NVD

Published: 2020-10-05

Updated: 2020-10-22

Summary

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

Vulnerable Configurations

Part	Description	Count
OS	Mitsubishielectric Mitsubishielectric Qj71Mes96 Firmware * Mitsubishielectric Qj71Ws96 Firmware * Mitsubishielectric Q06Ccpu V Firmware * Mitsubishielectric Q24Dhccpu V Firmware * Mitsubishielectric Q24Dhccpu VG Firmware * Mitsubishielectric R12Ccpu V Firmware * Mitsubishielectric Rd55Up06 V Firmware * Mitsubishielectric Rd55Up12 V Firmware * Mitsubishielectric Rj71Gn11 T2 Firmware * Mitsubishielectric Rj71En71 Firmware * Mitsubishielectric Qj71E71 100 Firmware * Mitsubishielectric Lj71E71 100 Firmware * Mitsubishielectric Qj71Mt91 Firmware * Mitsubishielectric Rd78Gn(N=4,8,16,32,64) Firmware * Mitsubishielectric Rd78Ghv Firmware * Mitsubishielectric Rd78Ghw Firmware * Mitsubishielectric Nz2Gacp620 60 Firmware * Mitsubishielectric Nz2Gacp620 300 Firmware * Mitsubishielectric Nz2Ft MT Firmware * Mitsubishielectric Nz2Ft EIP Firmware * Mitsubishielectric Q03Udecpu Firmware - Mitsubishielectric Q03Udecpu Firmware 20101 Mitsubishielectric Q03Udecpu Firmware 21081 Mitsubishielectric Qnudehcpu(N=04/06/10/13/20/26/50/100) Firmware * Mitsubishielectric Qnudvcpu(N=03/04/06/13/26) Firmware * Mitsubishielectric Qnudpvcpu(N=04/06/13/2) Firmware * Mitsubishielectric Lncpu( P)(N=02/06/26) Firmware * Mitsubishielectric L26Cpu (P)Bt Firmware - Mitsubishielectric Rncpu(N=00/01/02)T Firmware * Mitsubishielectric Rncpu(N=04/08/16/32/120) Firmware * Mitsubishielectric Rnencpu(N=04/08/16/32/120) Firmware * Mitsubishielectric Rnsfcpu (N=08/16/32/120) Firmware * Mitsubishielectric Rnpcpu(N=08/16/32/120) Firmware * Mitsubishielectric Rnpsfcpu(N=08/16/32/120) Firmware * Mitsubishielectric Fx5Uc 32Mt/D Firmware 1.210 Mitsubishielectric Fx5Uc 32Mt/Dss Firmware 1.210 Mitsubishielectric Fx5Uc 32Mt/Ds TS Firmware 1.210 Mitsubishielectric Fx5Uc 32Mt/Dss TS Firmware 1.210 Mitsubishielectric Fx5Uj 24Mr/Es Firmware 1.000 Mitsubishielectric Fx5Uc 32Mr/Ds TS Firmware 1.210 Mitsubishielectric Fx5Uj 24Mt/Es Firmware 1.000 Mitsubishielectric Fx5Uj 24Mt/Ess Firmware 1.000 Mitsubishielectric Fx5Uj 40Mr/Es Firmware 1.000 Mitsubishielectric Fx5Uj 40Mt/Es Firmware 1.000 Mitsubishielectric Fx5Uj 40Mt/Ess Firmware 1.000 Mitsubishielectric Fx5Uj 60Mr/Es Firmware 1.000 Mitsubishielectric Fx5Uj 60Mt/Es Firmware 1.000 Mitsubishielectric Fx5Uj 60Mt/Ess Firmware 1.000 Mitsubishielectric FX5 Enet Firmware * Mitsubishielectric FX5 Enet/Ip Firmware * Mitsubishielectric FX5 Enet ADP Firmware * Mitsubishielectric Fx3G 14Mr/Es Firmware * Mitsubishielectric Fx3G 14Mt/Ess Firmware * Mitsubishielectric Fx3G 14Mr/Ds Firmware * Mitsubishielectric Fx3G 14Mt/Dss Firmware * Mitsubishielectric Fx3G 24Mr/Es Firmware * Mitsubishielectric Fx3G 24Mt/Ess Firmware * Mitsubishielectric Fx3G 24Mr/Ds Firmware * Mitsubishielectric Fx3G 24Mt/Dss Firmware * Mitsubishielectric Fx3G 40Mr/Es Firmware * Mitsubishielectric Fx3G 40Mt/Ess Firmware * Mitsubishielectric Fx3G 40Mr/Ds Firmware * Mitsubishielectric Fx3G 40Mt/Dss Firmware * Mitsubishielectric Fx3G 60Mr/Es Firmware * Mitsubishielectric Fx3G 60Mt/Ess Firmware * Mitsubishielectric Fx3G 60Mr/Ds Firmware * Mitsubishielectric Fx3G 60Mt/Dss Firmware * Mitsubishielectric Fx3G 32 Mt/Dss Firmware * Mitsubishielectric Fx3U Enet Firmware * Mitsubishielectric Fx3U Enet L Firmware * Mitsubishielectric Fx3U Enet P502 Firmware * Mitsubishielectric FX5 Cclgn MS Firmware * Mitsubishielectric IU1 1M20 D Firmware * Mitsubishielectric LE7 40Gu L Firmware * Mitsubishielectric Got2000 Series Gt21 Firmware * Mitsubishielectric GOT Simple Series Gs21 Firmware * Mitsubishielectric Got1000 Series Gt14 Firmware * Mitsubishielectric Gt25 J71Gn13 T2 Firmware * Mitsubishielectric FR A820 E Firmware * Mitsubishielectric FR A840 E Firmware * Mitsubishielectric FR A860 E Firmware * Mitsubishielectric FR A842 E Firmware * Mitsubishielectric FR A862 E Firmware * Mitsubishielectric FR F820 E Firmware * Mitsubishielectric FR F840 E Firmware * Mitsubishielectric FR F860 E Firmware * Mitsubishielectric FR F842 E Firmware * Mitsubishielectric FR F862 E Firmware * Mitsubishielectric FR A8Ncge Firmware * Mitsubishielectric FR E800 EPA Firmware * Mitsubishielectric FR E800 EPB Firmware * Mitsubishielectric MR JE C Firmware * Mitsubishielectric MR J4 TM Firmware *	93
Hardware	Mitsubishielectric Mitsubishielectric Qj71Mes96 - Mitsubishielectric Qj71Ws96 - Mitsubishielectric Q06Ccpu V - Mitsubishielectric Q24Dhccpu V - Mitsubishielectric Q24Dhccpu VG - Mitsubishielectric R12Ccpu V - Mitsubishielectric Rd55Up06 V - Mitsubishielectric Rd55Up12 V - Mitsubishielectric Rj71Gn11 T2 - Mitsubishielectric Rj71En71 - Mitsubishielectric Qj71E71 100 - Mitsubishielectric Lj71E71 100 - Mitsubishielectric Qj71Mt91 - Mitsubishielectric Rd78Gn(N=4,8,16,32,64) - Mitsubishielectric Rd78Ghv - Mitsubishielectric Rd78Ghw - Mitsubishielectric Nz2Gacp620 60 - Mitsubishielectric Nz2Gacp620 300 - Mitsubishielectric Nz2Ft MT - Mitsubishielectric Nz2Ft EIP - Mitsubishielectric Q03Udecpu - Mitsubishielectric Qnudehcpu(N=04/06/10/13/20/26/50/100) - Mitsubishielectric Qnudvcpu(N=03/04/06/13/26) - Mitsubishielectric Qnudpvcpu(N=04/06/13/2) - Mitsubishielectric Lncpu( P)(N=02/06/26) - Mitsubishielectric L26Cpu (P)Bt - Mitsubishielectric Rncpu(N=00/01/02)T - Mitsubishielectric Rncpu(N=04/08/16/32/120) - Mitsubishielectric Rnencpu(N=04/08/16/32/120) - Mitsubishielectric Rnsfcpu (N=08/16/32/120) - Mitsubishielectric Rnpcpu(N=08/16/32/120) - Mitsubishielectric Rnpsfcpu(N=08/16/32/120) - Mitsubishielectric Fx5Uc 32Mt/D - Mitsubishielectric Fx5Uc 32Mt/Dss - Mitsubishielectric Fx5Uc 32Mt/Ds TS - Mitsubishielectric Fx5Uc 32Mt/Dss TS - Mitsubishielectric Fx5Uj 24Mr/Es - Mitsubishielectric Fx5Uc 32Mr/Ds TS - Mitsubishielectric Fx5Uj 24Mt/Es - Mitsubishielectric Fx5Uj 24Mt/Ess - Mitsubishielectric Fx5Uj 40Mr/Es - Mitsubishielectric Fx5Uj 40Mt/Es - Mitsubishielectric Fx5Uj 40Mt/Ess - Mitsubishielectric Fx5Uj 60Mr/Es - Mitsubishielectric Fx5Uj 60Mt/Es - Mitsubishielectric Fx5Uj 60Mt/Ess - Mitsubishielectric FX5 Enet - Mitsubishielectric FX5 Enet/Ip - Mitsubishielectric FX5 Enet ADP - Mitsubishielectric Fx3G 14Mr/Es - Mitsubishielectric Fx3G 14Mt/Ess - Mitsubishielectric Fx3G 14Mr/Ds - Mitsubishielectric Fx3G 14Mt/Dss - Mitsubishielectric Fx3G 24Mr/Es - Mitsubishielectric Fx3G 24Mt/Ess - Mitsubishielectric Fx3G 24Mr/Ds - Mitsubishielectric Fx3G 24Mt/Dss - Mitsubishielectric Fx3G 40Mr/Es - Mitsubishielectric Fx3G 40Mt/Ess - Mitsubishielectric Fx3G 40Mr/Ds - Mitsubishielectric Fx3G 40Mt/Dss - Mitsubishielectric Fx3G 60Mr/Es - Mitsubishielectric Fx3G 60Mt/Ess - Mitsubishielectric Fx3G 60Mr/Ds - Mitsubishielectric Fx3G 60Mt/Dss - Mitsubishielectric Fx3G 32 Mt/Dss - Mitsubishielectric Fx3U Enet - Mitsubishielectric Fx3U Enet L - Mitsubishielectric Fx3U Enet P502 - Mitsubishielectric FX5 Cclgn MS - Mitsubishielectric IU1 1M20 D - Mitsubishielectric LE7 40Gu L - Mitsubishielectric Got2000 Series Gt21 - Mitsubishielectric GOT Simple Series Gs21 - Mitsubishielectric Got1000 Series Gt14 - Mitsubishielectric Gt25 J71Gn13 T2 - Mitsubishielectric FR A820 E - Mitsubishielectric FR A840 E - Mitsubishielectric FR A860 E - Mitsubishielectric FR A842 E - Mitsubishielectric FR A862 E - Mitsubishielectric FR F820 E - Mitsubishielectric FR F840 E - Mitsubishielectric FR F860 E - Mitsubishielectric FR F842 E - Mitsubishielectric FR F862 E - Mitsubishielectric FR A8Ncge - Mitsubishielectric FR E800 EPA - Mitsubishielectric FR E800 EPB - Mitsubishielectric MR JE C - Mitsubishielectric MR J4 TM -	91
Application	Mitsubishielectric Mitsubishielectric Conveyor Tracking Application APR Ntr20Fh(N=1,2) - Mitsubishielectric Conveyor Tracking Application APR Ntr12Fh - Mitsubishielectric Conveyor Tracking Application APR Ntr6Fh - Mitsubishielectric Conveyor Tracking Application APR Ntr3Fh *	4

Common Weakness Enumeration (CWE)

CWE-342 - Predictable Exact Value from Previous Values

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01