Common Weakness Enumeration

CWE-468

Allowed

Incorrect Pointer Scaling

Abstraction: Base · Status: Incomplete

In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled.

7 vulnerabilities reference this CWE, most recent first.

CVE-2026-34194 (GCVE-0-2026-34194)

Vulnerability from cvelistv5 – Published: 2026-06-08 14:58 – Updated: 2026-06-08 18:55
VLAI
Title
GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-468 - Incorrect Pointer Scaling
Assigner
Impacted products
Vendor Product Version
Imagination Technologies Graphics DDK Unaffected: 1.18 RTM (custom)
Unaffected: 23.2 RTM (custom)
Affected: 24.2 RTM (custom)
Affected: 25.1 RTM , ≤ 25.3 RTM (custom)
Affected: 26.1 RTM (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-34194",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T18:54:26.516443Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T18:55:08.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Linux",
            "Android"
          ],
          "product": "Graphics DDK",
          "vendor": "Imagination Technologies",
          "versions": [
            {
              "status": "unaffected",
              "version": "1.18 RTM",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "23.2 RTM",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "24.2 RTM",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "25.3 RTM",
              "status": "affected",
              "version": "25.1 RTM",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "26.1 RTM",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSoftware installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.\u003c/p\u003e\u003cp\u003eThe product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.\u003c/p\u003e"
            }
          ],
          "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.\n\n\n\nThe product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-123",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC - CAPEC-123: Buffer Manipulation (Version 3.9)"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-468",
              "description": "CWE-468: Incorrect Pointer Scaling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T14:58:40.452Z",
        "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
        "shortName": "imaginationtech"
      },
      "references": [
        {
          "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
    "assignerShortName": "imaginationtech",
    "cveId": "CVE-2026-34194",
    "datePublished": "2026-06-08T14:58:40.452Z",
    "dateReserved": "2026-03-26T13:47:30.669Z",
    "dateUpdated": "2026-06-08T18:55:08.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-1915 (GCVE-0-2024-1915)

Vulnerability from cvelistv5 – Published: 2024-03-15 00:00 – Updated: 2024-08-27 19:56
VLAI
Summary
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-468 - Incorrect Pointer Scaling
Assigner
References
Impacted products
Vendor Product Version
Mitsubishi Electric Corporation MELSEC-Q Series Q03UDECPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q10UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q20UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q50UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q100UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q03UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L02CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L06CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L02CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L06CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-BT Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-PBT Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
mitsubishielectric melsec_q-q03udecpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q04udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q06udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q10udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q13udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q20udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q26udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q50udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q100udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q03udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q04udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q06udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q13udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q26udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q06udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q13udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q26udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric l02cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_l06cpu\(-p\) Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishi:melsec_l06cpu\(-p\):-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_l26cpu\(-p\) Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishi:melsec_l26cpu\(-p\):-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l02cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l06cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l26cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric l26cpu-bt Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l26cpu-pbt Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-03-14 03:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99690199/"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q03udecpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q04udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q06udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q10udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q13udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q20udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q26udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q50udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q100udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q03udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q04udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l06cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l26cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l26cpu-bt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-pbt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1915",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-15T15:51:36.118417Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-27T19:56:54.512Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDECPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q10UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q20UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q50UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q100UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-BT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-PBT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        }
      ],
      "datePublic": "2024-03-14T03:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
            }
          ],
          "value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote Code Execution"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-468",
              "description": "CWE-468 Incorrect Pointer Scaling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T00:04:05.170Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU99690199/"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2024-1915",
    "datePublished": "2024-03-15T00:00:46.607Z",
    "dateReserved": "2024-02-27T06:32:39.218Z",
    "dateUpdated": "2024-08-27T19:56:54.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-0802 (GCVE-0-2024-0802)

Vulnerability from cvelistv5 – Published: 2024-03-14 23:57 – Updated: 2024-08-01 18:18
VLAI
Summary
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-468 - Incorrect Pointer Scaling
Assigner
References
Impacted products
Vendor Product Version
Mitsubishi Electric Corporation MELSEC-Q Series Q03UDECPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q10UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q20UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q50UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q100UDEHCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q03UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q04UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q06UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q13UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-Q Series Q26UDPVCPU Affected: The first 5 digits of serial No. "26061" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L02CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L06CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L02CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L06CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-P Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-BT Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
Mitsubishi Electric Corporation MELSEC-L Series L26CPU-PBT Affected: The first 5 digits of serial No. "26041" and prior
Create a notification for this product.
mitsubishielectric melsec_q-q03udecpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q04udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q06udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q10udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q13udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q20udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q26udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q50udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_q-q100udehcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q03udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q04udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q06udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q13udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q26udvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q06udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q13udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_q26udpvcpu Affected: 0 , < xxxxx26061 (custom)
    cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric l02cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_l06cpu\(-p\) Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishi:melsec_l06cpu\(-p\):-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishi melsec_l26cpu\(-p\) Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishi:melsec_l26cpu\(-p\):-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l02cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l06cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l26cpu-p Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric l26cpu-bt Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*
Create a notification for this product.
mitsubishielectric melsec_l26cpu-pbt Affected: 0 , < xxxxx26041 (custom)
    cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-03-14 03:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q03udecpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q04udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q06udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q10udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q13udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q20udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q26udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q50udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q100udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q03udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q04udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l06cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l26cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l26cpu-bt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-pbt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0802",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T00:29:47.319671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-16T01:00:21.794Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:18:18.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99690199/"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDECPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q10UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q20UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q50UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q100UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-BT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-PBT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        }
      ],
      "datePublic": "2024-03-14T03:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet."
            }
          ],
          "value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Information Disclosure and Remote Code Execution"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-468",
              "description": "CWE-468 Incorrect Pointer Scaling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T00:03:03.747Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU99690199/"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2024-0802",
    "datePublished": "2024-03-14T23:57:07.390Z",
    "dateReserved": "2024-01-23T00:04:23.168Z",
    "dateUpdated": "2024-08-01T18:18:18.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-4FP7-72XG-C4HC

Vulnerability from github – Published: 2026-06-08 18:31 – Updated: 2026-06-08 21:31
VLAI
Details

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.

The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-34194"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-468"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-08T16:16:38Z",
    "severity": "HIGH"
  },
  "details": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.\n\n\n\nThe product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.",
  "id": "GHSA-4fp7-72xg-c4hc",
  "modified": "2026-06-08T21:31:49Z",
  "published": "2026-06-08T18:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34194"
    },
    {
      "type": "WEB",
      "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FM8-V9C3-XG8R

Vulnerability from github – Published: 2024-03-15 03:30 – Updated: 2024-03-15 03:30
VLAI
Details

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-1915"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-468"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-15T01:15:58Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.",
  "id": "GHSA-9fm8-v9c3-xg8r",
  "modified": "2024-03-15T03:30:52Z",
  "published": "2024-03-15T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1915"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU99690199"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F8R4-PX99-X2M2

Vulnerability from github – Published: 2026-01-27 18:32 – Updated: 2026-01-27 18:32
VLAI
Details

improper pointer arithmetic

vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24872"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-468"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-27T16:16:36Z",
    "severity": "CRITICAL"
  },
  "details": "improper pointer arithmetic\n\n vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5.",
  "id": "GHSA-f8r4-px99-x2m2",
  "modified": "2026-01-27T18:32:16Z",
  "published": "2026-01-27T18:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24872"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cadaver/turso3d/pull/11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QPRP-WPVG-34QR

Vulnerability from github – Published: 2024-03-15 03:30 – Updated: 2024-03-15 03:30
VLAI
Details

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-468"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-15T01:15:57Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.",
  "id": "GHSA-qprp-wpvg-34qr",
  "modified": "2024-03-15T03:30:52Z",
  "published": "2024-03-15T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0802"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU99690199"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use a platform with high-level memory abstractions.

Mitigation
Implementation

Always use array indexing instead of direct pointer manipulation.

Mitigation
Architecture and Design

Use technologies for preventing buffer overflows.

No CAPEC attack patterns related to this CWE.