Vulnerabilities > Mitsubishielectric > Fx5Uj 24Mt DSS Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-11-06 CVE-2023-4699 Insufficient Verification of Data Authenticity vulnerability in Mitsubishielectric products
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets.
network
low complexity
mitsubishielectric CWE-345
critical
9.1
2023-11-06 CVE-2023-4625 Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishielectric products
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function.
network
low complexity
mitsubishielectric CWE-307
5.3