CVE-2023-3346 (GCVE-0-2023-3346)

Vulnerability from cvelistv5 – Published: 2023-08-03 04:00 – Updated: 2024-12-04 15:16
VLAI?
Title
Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series
Summary
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
Vendor Product Version
Mitsubishi Electric Corporation MITSUBISHI CNC M800V Series M800VW Affected: System Number BND-2051W000 versions A8 and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M800V Series M800VS Affected: System Number BND-2052W000 versions A8 and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M80V Series M80V Affected: System Number BND-2053W000 versions A8 and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M80V Series M80VW Affected: System Number BND-2054W000 versions A8 and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M800 Series M800W Affected: System Number BND-2005W000 versions FB and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M800 Series M800S Affected: System Number BND-2006W000 versions FB and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M80 Series M80 Affected: System Number BND-2007W000 versions FB and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M80 Series M80W Affected: System Number BND-2008W000 versions FB and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC E80 Series E80 Affected: System Number BND-2009W000 versions FB and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC C80 Series C80 Affected: System Number BND-2036W000 versions BF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M720VW Affected: System Number BND-1015W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M730VW Affected: System Number BND-1015W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M750VW Affected: System Number BND-1015W002 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M720VS Affected: System Number BND-1012W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M730VS Affected: System Number BND-1012W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M700V Series M750VS Affected: System Number BND-1012W002 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC M70V Series M70V Affected: System Number BND-1018W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC E70 Series E70 Affected: System Number BND-1022W000 versions LF and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC IoT Unit Remote Service Gateway Unit Affected: System Number BND-2041W001 versions AD and prior
Create a notification for this product.
    Mitsubishi Electric Corporation MITSUBISHI CNC IoT Unit Data Acquisition Unit Affected: System Number BND-2041W002 all versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:55:02.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU90352157/index.html"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3346",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-04T15:16:27.660728Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-04T15:16:48.710Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M800V Series M800VW",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2051W000 versions A8 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M800V Series M800VS",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2052W000 versions A8 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M80V Series M80V",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2053W000 versions A8 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M80V Series M80VW",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2054W000 versions A8 and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M800 Series M800W",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2005W000 versions FB and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M800 Series M800S",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2006W000 versions FB and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M80 Series M80",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2007W000 versions FB and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M80 Series M80W",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2008W000 versions FB and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC E80 Series E80",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2009W000 versions FB and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC C80 Series C80",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2036W000 versions BF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M720VW",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1015W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M730VW",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1015W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M750VW",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1015W002 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M720VS",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1012W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M730VS",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1012W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M700V Series M750VS",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1012W002 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC M70V Series M70V",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1018W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC E70 Series E70",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-1022W000 versions LF and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC IoT Unit Remote Service Gateway Unit",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2041W001 versions AD and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MITSUBISHI CNC IoT Unit Data Acquisition Unit",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "System Number BND-2041W002 all versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery."
            }
          ],
          "value": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of Service (DoS)"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote Code Execution"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-30T08:56:07.198Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU90352157/index.html"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2023-3346",
    "datePublished": "2023-08-03T04:00:43.294Z",
    "dateReserved": "2023-06-21T00:16:48.923Z",
    "dateUpdated": "2024-12-04T15:16:48.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:c80_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A2C7CEB-5419-4882-BECA-AB02BE7495ED\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:c80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DB46E5E-A87C-4604-8478-2E380DE15B31\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:e70_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82CC77B6-113E-4E69-86C3-BDB958E0526C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:e70:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"861626CF-6AC2-4BDE-9204-4F2DF49DA3DD\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:e80_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58B7693B-002F-4D6B-81F4-0D220388EBFD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:e80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DF27249-85E2-4F4D-9BD4-0C46799C5F57\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m70v_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FE99E00-C9B9-430D-B75A-040CFD4554BB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m70v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AD8A2A3-6F05-44D2-B8F2-AF55EFE20B42\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m720vs_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39A07397-727A-4B97-8F43-5CFE327E3865\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m720vs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72BE81B-4619-4199-8C21-D86687BCAE84\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m720vs_15-type_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2E54EAC-DEA5-4A02-942A-46C7B4572806\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m720vs_15-type:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53FC9159-9F15-475E-B6C5-573AFFBBA2FF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m720vw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30C5B6DC-59BD-4776-8C85-8880C2F7E4F8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m720vw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7112B6B5-8BE6-4E9C-B6D6-F64A31A80E6B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m730vs_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51074DCA-06DB-4826-9800-7CB2C0C3F278\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m730vs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AFFF519-B76C-465C-9477-6D78787E9F1A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m730vs_15-type_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C56F2A9-D660-41A9-B981-049254E48714\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m730vs_15-type:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C146ACAB-EF80-429F-8766-B569DC26340E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m730vw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6246A9B0-3FA3-485A-A496-C507B1843FE2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m730vw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10B71551-4B72-4AD5-B84B-4CED5EC2D83E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m750vs_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D9B05DD-6999-4791-A80B-201760E0211B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m750vs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E8E44BF-BF71-433C-B7FB-DE2634004D3E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m750vs_15-type_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD5D709A-3D6E-49C3-93B5-3832730AEF7B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m750vs_15-type:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60BEB709-AF9D-4219-B172-A587759B3342\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m750vw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C3FC16E-D7DA-494B-81A1-4592C17CA7E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m750vw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"753EB189-5262-443D-8755-BEAF00E92D73\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m80_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B563724A-AA22-45E5-956B-D8BA51103019\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EC6F60E-A347-4548-ABE4-79810909A35C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m800s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52768FEC-7702-46DB-BDAB-BA0F755BE63E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m800s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A1D9E22-4B8C-4410-B048-A4F788041859\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m800vs_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25030420-528F-45F4-A8D6-0D5A26B4C76C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m800vs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB41007C-BD6F-4021-AD65-5DDBA614651E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m800vw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97EEFDE5-AEF0-4AB6-993A-D9F38A8CEEFD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m800vw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D4BB785-DCE3-4B75-9988-BB0F4DB5995B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m800w_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A8D3F93-1889-40B8-940D-64FF5219F3D3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m800w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9AAE983-B324-47B3-A0CF-DCB99411CBFA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m80v_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"579711D7-A4E8-4313-B404-4D662A37FD63\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m80v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E202965-D914-4A4C-BE8A-860EDA0ADFD5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m80vw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3F836BE-AF19-45AC-BE38-B75634733EF1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m80vw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C845690F-D539-477B-987A-EC7EEEFB4C66\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mitsubishielectric:m80w_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81C5D5C5-D0A7-4629-9238-E5BF62BB84C3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:mitsubishielectric:m80w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"269F1D28-50E1-41A3-BBCF-E71EB68D3FEF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.\"}]",
      "id": "CVE-2023-3346",
      "lastModified": "2024-11-21T08:17:04.037",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-08-03T05:15:10.603",
      "references": "[{\"url\": \"https://jvn.jp/vu/JVNVU90352157/index.html\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU90352157/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-3346\",\"sourceIdentifier\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"published\":\"2023-08-03T05:15:10.603\",\"lastModified\":\"2024-11-21T08:17:04.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:c80_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A2C7CEB-5419-4882-BECA-AB02BE7495ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:c80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB46E5E-A87C-4604-8478-2E380DE15B31\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:e70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82CC77B6-113E-4E69-86C3-BDB958E0526C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:e70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"861626CF-6AC2-4BDE-9204-4F2DF49DA3DD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:e80_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B7693B-002F-4D6B-81F4-0D220388EBFD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:e80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DF27249-85E2-4F4D-9BD4-0C46799C5F57\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m70v_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE99E00-C9B9-430D-B75A-040CFD4554BB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m70v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AD8A2A3-6F05-44D2-B8F2-AF55EFE20B42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m720vs_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A07397-727A-4B97-8F43-5CFE327E3865\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m720vs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72BE81B-4619-4199-8C21-D86687BCAE84\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m720vs_15-type_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E54EAC-DEA5-4A02-942A-46C7B4572806\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m720vs_15-type:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53FC9159-9F15-475E-B6C5-573AFFBBA2FF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m720vw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30C5B6DC-59BD-4776-8C85-8880C2F7E4F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m720vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7112B6B5-8BE6-4E9C-B6D6-F64A31A80E6B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m730vs_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51074DCA-06DB-4826-9800-7CB2C0C3F278\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m730vs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AFFF519-B76C-465C-9477-6D78787E9F1A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m730vs_15-type_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C56F2A9-D660-41A9-B981-049254E48714\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m730vs_15-type:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C146ACAB-EF80-429F-8766-B569DC26340E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m730vw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6246A9B0-3FA3-485A-A496-C507B1843FE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m730vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10B71551-4B72-4AD5-B84B-4CED5EC2D83E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m750vs_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D9B05DD-6999-4791-A80B-201760E0211B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m750vs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8E44BF-BF71-433C-B7FB-DE2634004D3E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m750vs_15-type_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5D709A-3D6E-49C3-93B5-3832730AEF7B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m750vs_15-type:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BEB709-AF9D-4219-B172-A587759B3342\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m750vw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3FC16E-D7DA-494B-81A1-4592C17CA7E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m750vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"753EB189-5262-443D-8755-BEAF00E92D73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m80_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B563724A-AA22-45E5-956B-D8BA51103019\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC6F60E-A347-4548-ABE4-79810909A35C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m800s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52768FEC-7702-46DB-BDAB-BA0F755BE63E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m800s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1D9E22-4B8C-4410-B048-A4F788041859\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m800vs_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25030420-528F-45F4-A8D6-0D5A26B4C76C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m800vs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB41007C-BD6F-4021-AD65-5DDBA614651E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m800vw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97EEFDE5-AEF0-4AB6-993A-D9F38A8CEEFD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m800vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D4BB785-DCE3-4B75-9988-BB0F4DB5995B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m800w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A8D3F93-1889-40B8-940D-64FF5219F3D3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m800w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9AAE983-B324-47B3-A0CF-DCB99411CBFA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m80v_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"579711D7-A4E8-4313-B404-4D662A37FD63\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m80v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E202965-D914-4A4C-BE8A-860EDA0ADFD5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m80vw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3F836BE-AF19-45AC-BE38-B75634733EF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m80vw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C845690F-D539-477B-987A-EC7EEEFB4C66\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:m80w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81C5D5C5-D0A7-4629-9238-E5BF62BB84C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:m80w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"269F1D28-50E1-41A3-BBCF-E71EB68D3FEF\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/vu/JVNVU90352157/index.html\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/vu/JVNVU90352157/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU90352157/index.html\", \"tags\": [\"government-resource\", \"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\", \"tags\": [\"government-resource\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:55:02.703Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3346\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-04T15:16:27.660728Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-04T15:16:43.051Z\"}}], \"cna\": {\"title\": \"Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Denial of Service (DoS)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"value\": \"Remote Code Execution\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M800V Series M800VW\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2051W000 versions A8 and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M800V Series M800VS\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2052W000 versions A8 and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M80V Series M80V\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2053W000 versions A8 and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M80V Series M80VW\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2054W000 versions A8 and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M800 Series M800W\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2005W000 versions FB and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M800 Series M800S\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2006W000 versions FB and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M80 Series M80\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2007W000 versions FB and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M80 Series M80W\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2008W000 versions FB and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC E80 Series E80\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2009W000 versions FB and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC C80 Series C80\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2036W000 versions BF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M720VW\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1015W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M730VW\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1015W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M750VW\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1015W002 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M720VS\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1012W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M730VS\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1012W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M700V Series M750VS\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1012W002 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC M70V Series M70V\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1018W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC E70 Series E70\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-1022W000 versions LF and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC IoT Unit Remote Service Gateway Unit\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2041W001 versions AD and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MITSUBISHI CNC IoT Unit Data Acquisition Unit\", \"versions\": [{\"status\": \"affected\", \"version\": \"System Number BND-2041W002 all versions\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU90352157/index.html\", \"tags\": [\"government-resource\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03\", \"tags\": [\"government-resource\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"e0f77b61-78fd-4786-b3fb-1ee347a748ad\", \"shortName\": \"Mitsubishi\", \"dateUpdated\": \"2024-01-30T08:56:07.198Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-3346\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-04T15:16:48.710Z\", \"dateReserved\": \"2023-06-21T00:16:48.923Z\", \"assignerOrgId\": \"e0f77b61-78fd-4786-b3fb-1ee347a748ad\", \"datePublished\": \"2023-08-03T04:00:43.294Z\", \"assignerShortName\": \"Mitsubishi\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.