Vulnerabilities > Mitsubishielectric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-13 | CVE-2019-13555 | Resource Exhaustion vulnerability in Mitsubishielectric products In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules. | 5.9 |
| 2019-10-28 | CVE-2019-14931 | OS Command Injection vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 9.8 |
| 2019-10-28 | CVE-2019-14930 | Use of Hard-coded Credentials vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 9.8 |
| 2019-10-28 | CVE-2019-14929 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 9.8 |
| 2019-10-28 | CVE-2019-14928 | Cross-site Scripting vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 5.4 |
| 2019-10-28 | CVE-2019-14927 | Forced Browsing vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 7.5 |
| 2019-10-28 | CVE-2019-14926 | Use of Hard-coded Credentials vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 9.8 |
| 2019-10-28 | CVE-2019-14925 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 6.5 |
| 2019-07-26 | CVE-2019-10976 | XXE vulnerability in Mitsubishielectric Electric FR Configurator2 Firmware Mitsubishi Electric FR Configurator2, Version 1.16S and prior. | 5.5 |
| 2019-07-26 | CVE-2019-10972 | Allocation of Resources Without Limits or Throttling vulnerability in Mitsubishielectric Electric FR Configurator2 1.16S Mitsubishi Electric FR Configurator2, Version 1.16S and prior. | 5.5 |