Vulnerabilities > Mitsubishielectric > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2020-5527 | Resource Exhaustion vulnerability in Mitsubishielectric products When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. | 7.5 |
| 2020-03-16 | CVE-2020-5546 | Argument Injection or Modification vulnerability in Mitsubishielectric Iu1-1M20-D Firmware 1.0.7 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functions or execute malware via a specially crafted packet. | 8.8 |
| 2019-10-28 | CVE-2019-14927 | Forced Browsing vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 7.5 |
| 2019-05-23 | CVE-2019-10977 | Improper Handling of Exceptional Conditions vulnerability in Mitsubishielectric Qj71E71-100 Firmware 18072/20121 In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition. | 7.5 |
| 2019-02-05 | CVE-2019-6535 | Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. | 7.5 |
| 2017-02-13 | CVE-2016-8370 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitsubishielectric products An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. | 7.5 |
| 2017-02-13 | CVE-2016-8368 | Improper Synchronization vulnerability in Mitsubishielectric products An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. | 8.6 |