Vulnerabilities > Mitsubishielectric

DATE CVE VULNERABILITY TITLE RISK
2019-05-23 CVE-2019-10977 Improper Handling of Exceptional Conditions vulnerability in Mitsubishielectric Qj71E71-100 Firmware 18072/20121
In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition.
network
low complexity
mitsubishielectric CWE-755
7.5
2019-02-05 CVE-2019-6535 Resource Exhaustion vulnerability in Mitsubishielectric products
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior.
network
low complexity
mitsubishielectric CWE-400
7.5
2018-04-17 CVE-2017-9638 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack.
network
low complexity
mitsubishielectric CWE-119
critical
9.8
2018-04-17 CVE-2017-9636 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52
Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap.
network
low complexity
mitsubishielectric CWE-119
critical
9.8
2018-04-17 CVE-2017-9634 Out-of-bounds Write vulnerability in Mitsubishielectric E-Designer 7.52
Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations.
network
low complexity
mitsubishielectric CWE-787
critical
9.8
2017-02-13 CVE-2016-8370 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitsubishielectric products
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions.
network
low complexity
mitsubishielectric CWE-327
7.5
2017-02-13 CVE-2016-8368 Improper Synchronization vulnerability in Mitsubishielectric products
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions.
network
low complexity
mitsubishielectric CWE-662
8.6