Vulnerabilites related to Mitsubishi Electric - FX5-ENET/IP
CVE-2020-16226 (GCVE-0-2020-16226)
Vulnerability from cvelistv5
Published
2020-10-05 17:19
Modified
2024-09-17 00:25
Severity ?
EPSS score ?
Summary
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Mitsubishi Electric | QJ71MES96 |
Version: all versions |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:37:54.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "QJ71MES96", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "QJ71WS96", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "Q06CCPU-V", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "Q24DHCCPU-V", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "Q24DHCCPU-VG", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "R12CCPU-V", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RD55UP06-V,", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "D55UP12-V", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RJ71GN11-T2", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RJ71EN71", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "QJ71E71-100", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "LJ71E71-100", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "QJ71MT91", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RD78Gn(n=4,8,16,32,64)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RD78GHV", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RD78GHW", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "NZ2GACP620-60", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "NZ2GACP620-300", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "NZ2FT-MT", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "NZ2FT-EIP", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "Q03UDECPU", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22081 and prior", }, ], }, { product: "QnUDEHCPU(n=04/06/10/13/20/26/50/100)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22081 and prior", }, ], }, { product: "QnUDVCPU(n=03/04/06/13/26)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22031 and prior", }, ], }, { product: "QnUDPVCPU(n=04/06/13/2)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22031 and prior", }, ], }, { product: "LnCPU(-P)(n=02/06/26)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22051 and prior", }, ], }, { product: "L26CPU-(P)BT", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "the first 5 digits of serial number 22051 and prior", }, ], }, { product: "RnCPU(n=00/01/02)", vendor: "Mitsubishi Electric", versions: [ { lessThan: "Version 18 and prior", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "RnCPU(n=04/08/16/32/120)", vendor: "Mitsubishi Electric", versions: [ { lessThan: "Version 50 and prior", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "RnENCPU(n=04/08/16/32/120)", vendor: "Mitsubishi Electric", versions: [ { lessThan: "Version 50 and prior", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "RnSFCPU (n=08/16/32/120)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RnPCPU(n=08/16/32/120)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "RnPSFCPU(n=08/16/32/120)", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX5U(C)-**M*/**", vendor: "Mitsubishi Electric", versions: [ { lessThan: "Serial number 17X**** or later: Version 1.210 and prior", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "Serial number 179**** and prior: Version 1.070 and prior", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "FX5UC-32M*/**-TS", vendor: "Mitsubishi Electric", versions: [ { lessThan: "Version 1.210 and prior", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "FX5UJ-**M*/**", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "Version 1.000", }, ], }, { product: "FX5-ENET", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX5-ENET/IP", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX3U-ENET-ADP", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX3GE-**M*/**", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX3U-ENET", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX3U-ENET-L", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX3U-ENET-P502", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FX5-CCLGN-MS", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "IU1-1M20-D", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "LE7-40GU-L", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "GOT2000 Series GT21 Model", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "GS Series", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "GOT1000 Series GT14 Model", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "GT25-J71GN13-T2", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FR-A800-E Series", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FR-F800-E Series", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "FR-A8NCG", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "Production date August 2020 and prior", }, ], }, { product: "FR-E800-EPA Series", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "Production date July 2020 and prior", }, ], }, { product: "FR-E800-EPB Series", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "Production date July 2020 and prior", }, ], }, { product: "Conveyor Tracking Application", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "APR-nTR3FH all versions", }, { status: "affected", version: "APR-nTR6FH all versions", }, { status: "affected", version: "APR-nTR12FH all versions", }, { status: "affected", version: "APR-nTR20FH(n=1,2) all versions", }, ], }, { product: "MR-JE-C", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, { product: "MR-J4-TM", vendor: "Mitsubishi Electric", versions: [ { status: "affected", version: "all versions", }, ], }, ], datePublic: "2020-09-01T00:00:00", descriptions: [ { lang: "en", value: "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-342", description: "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-05T17:19:17", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01", }, ], source: { advisory: "ICSA-20-245-01", discovery: "UNKNOWN", }, title: "Mitsubishi Electric Multiple Products", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", DATE_PUBLIC: "2020-09-01T16:00:00.000Z", ID: "CVE-2020-16226", STATE: "PUBLIC", TITLE: "Mitsubishi Electric Multiple Products", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "QJ71MES96", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "QJ71WS96", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "Q06CCPU-V", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "Q24DHCCPU-V", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "Q24DHCCPU-VG", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "R12CCPU-V", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RD55UP06-V,", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "D55UP12-V", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RJ71GN11-T2", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RJ71EN71", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "QJ71E71-100", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "LJ71E71-100", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "QJ71MT91", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RD78Gn(n=4,8,16,32,64)", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RD78GHV", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RD78GHW", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "NZ2GACP620-60", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "NZ2GACP620-300", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "NZ2FT-MT", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "NZ2FT-EIP", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "Q03UDECPU", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22081 and prior", }, ], }, }, { product_name: "QnUDEHCPU(n=04/06/10/13/20/26/50/100)", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22081 and prior", }, ], }, }, { product_name: "QnUDVCPU(n=03/04/06/13/26)", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22031 and prior", }, ], }, }, { product_name: "QnUDPVCPU(n=04/06/13/2)", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22031 and prior", }, ], }, }, { product_name: "LnCPU(-P)(n=02/06/26)", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22051 and prior", }, ], }, }, { product_name: "L26CPU-(P)BT", version: { version_data: [ { version_affected: "=", version_value: "the first 5 digits of serial number 22051 and prior", }, ], }, }, { product_name: "RnCPU(n=00/01/02)", version: { version_data: [ { version_affected: "<", version_value: "Version 18 and prior", }, ], }, }, { product_name: "RnCPU(n=04/08/16/32/120)", version: { version_data: [ { version_affected: "<", version_value: "Version 50 and prior", }, ], }, }, { product_name: "RnENCPU(n=04/08/16/32/120)", version: { version_data: [ { version_affected: "<", version_value: "Version 50 and prior", }, ], }, }, { product_name: "RnSFCPU (n=08/16/32/120)", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RnPCPU(n=08/16/32/120)", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "RnPSFCPU(n=08/16/32/120)", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX5U(C)-**M*/**", version: { version_data: [ { version_affected: "<", version_value: "Serial number 17X**** or later: Version 1.210 and prior", }, { version_affected: "<", version_value: "Serial number 179**** and prior: Version 1.070 and prior", }, ], }, }, { product_name: "FX5UC-32M*/**-TS", version: { version_data: [ { version_affected: "<", version_value: "Version 1.210 and prior", }, ], }, }, { product_name: "FX5UJ-**M*/**", version: { version_data: [ { version_affected: "=", version_value: "Version 1.000", }, ], }, }, { product_name: "FX5-ENET", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX5-ENET/IP", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX3U-ENET-ADP", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX3GE-**M*/**", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX3U-ENET", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX3U-ENET-L", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX3U-ENET-P502", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FX5-CCLGN-MS", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "IU1-1M20-D", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "LE7-40GU-L", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "GOT2000 Series GT21 Model", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "GS Series", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "GOT1000 Series GT14 Model", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "GT25-J71GN13-T2", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FR-A800-E Series", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FR-F800-E Series", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "FR-A8NCG", version: { version_data: [ { version_affected: "=", version_value: "Production date August 2020 and prior", }, ], }, }, { product_name: "FR-E800-EPA Series", version: { version_data: [ { version_affected: "=", version_value: "Production date July 2020 and prior", }, ], }, }, { product_name: "FR-E800-EPB Series", version: { version_data: [ { version_affected: "=", version_value: "Production date July 2020 and prior", }, ], }, }, { product_name: "Conveyor Tracking Application", version: { version_data: [ { version_affected: "=", version_name: "APR-nTR3FH", version_value: "all versions", }, { version_affected: "=", version_name: "APR-nTR6FH", version_value: "all versions", }, { version_affected: "=", version_name: "APR-nTR12FH", version_value: "all versions", }, { version_affected: "=", version_name: "APR-nTR20FH(n=1,2)", version_value: "all versions", }, ], }, }, { product_name: "MR-JE-C", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, { product_name: "MR-J4-TM", version: { version_data: [ { version_affected: "=", version_value: "all versions", }, ], }, }, ], }, vendor_name: "Mitsubishi Electric", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "PREDICTABLE EXACT VALUE FROM PREVIOUS VALUES CWE-342", }, ], }, ], }, references: { reference_data: [ { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01", }, ], }, source: { advisory: "ICSA-20-245-01", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2020-16226", datePublished: "2020-10-05T17:19:17.358565Z", dateReserved: "2020-07-31T00:00:00", dateUpdated: "2024-09-17T00:25:38.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }