cvelistv5 - cve-2024-1917

CVE-2024-1917 (GCVE-0-2024-1917)

Vulnerability from cvelistv5 – Published: 2024-03-15 00:02 – Updated: 2024-08-27 19:58

Summary

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

Mitsubishi

References

URL

Tags

	https://www.mitsubishielectric.com/en/psirt/vulne…	vendor-advisory
	https://jvn.jp/vu/JVNVU99690199/	government-resource
	https://www.cisa.gov/news-events/ics-advisories/i…	government-resource

Impacted products

Vendor

Product

Version

Mitsubishi Electric Corporation

MELSEC-Q Series Q03UDECPU

Affected: The first 5 digits of serial No. "26061" and prior

Mitsubishi Electric Corporation	MELSEC-Q Series Q04UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q06UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q10UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q13UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q20UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q26UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q50UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q100UDEHCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q03UDVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q04UDVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q06UDVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q13UDVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q26UDVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q04UDPVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q06UDPVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q13UDPVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-Q Series Q26UDPVCPU	Affected: The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L02CPU	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L06CPU	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L26CPU	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L02CPU-P	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L06CPU-P	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L26CPU-P	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L26CPU-BT	Affected: The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation	MELSEC-L Series L26CPU-PBT	Affected: The first 5 digits of serial No. "26041" and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99690199/"
          },
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q03udecpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q04udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q06udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q10udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q13udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q20udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q26udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q50udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q-q100udehcpu",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q03udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q04udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q06udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q13udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_q26udpvcpu",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26061",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l06cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishi:melsec_l26cpu\\(-p\\):-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu\\(-p\\)",
            "vendor": "mitsubishi",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l02cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l06cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-p",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "l26cpu-bt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "melsec_l26cpu-pbt",
            "vendor": "mitsubishielectric",
            "versions": [
              {
                "lessThan": "xxxxx26041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1917",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-27T19:57:53.325242Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-27T19:58:12.567Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDECPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q10UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q20UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q50UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q100UDEHCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q03UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q04UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q06UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q13UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-Q Series Q26UDPVCPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26061\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L02CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L06CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-P",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-BT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MELSEC-L Series L26CPU-PBT",
          "vendor": "Mitsubishi Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "The first 5 digits of serial No. \"26041\" and prior"
            }
          ]
        }
      ],
      "datePublic": "2024-03-14T03:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
            }
          ],
          "value": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote Code Execution"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T00:05:06.682Z",
        "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
        "shortName": "Mitsubishi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://jvn.jp/vu/JVNVU99690199/"
        },
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
    "assignerShortName": "Mitsubishi",
    "cveId": "CVE-2024-1917",
    "datePublished": "2024-03-15T00:02:39.351Z",
    "dateReserved": "2024-02-27T06:32:47.752Z",
    "dateUpdated": "2024-08-27T19:58:12.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de desbordamiento de enteros o envoltura en los m\\u00f3dulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute c\\u00f3digo malicioso en un producto objetivo enviando un paquete especialmente manipulado.\"}]",
      "id": "CVE-2024-1917",
      "lastModified": "2024-11-21T08:51:35.613",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2024-03-15T01:15:58.590",
      "references": "[{\"url\": \"https://jvn.jp/vu/JVNVU99690199/\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"}, {\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\", \"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"}, {\"url\": \"https://jvn.jp/vu/JVNVU99690199/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-1917\",\"sourceIdentifier\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"published\":\"2024-03-15T01:15:58.590\",\"lastModified\":\"2024-11-21T08:51:35.613\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de desbordamiento de enteros o envoltura en los m\u00f3dulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute c\u00f3digo malicioso en un producto objetivo enviando un paquete especialmente manipulado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"references\":[{\"url\":\"https://jvn.jp/vu/JVNVU99690199/\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\"},{\"url\":\"https://jvn.jp/vu/JVNVU99690199/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99690199/\", \"tags\": [\"government-resource\", \"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\", \"tags\": [\"government-resource\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:56:22.476Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-1917\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T19:57:53.325242Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q03udecpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q04udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q06udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q10udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q13udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q20udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q26udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q50udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_q-q100udehcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q03udvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q04udvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q06udvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q13udvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q26udvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q06udpvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q13udpvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_q26udpvcpu\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26061\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"l02cpu-p\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_l06cpu\\\\(-p\\\\):-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_l06cpu\\\\(-p\\\\)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishi:melsec_l26cpu\\\\(-p\\\\):-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishi\", \"product\": \"melsec_l26cpu\\\\(-p\\\\)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_l02cpu-p\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_l06cpu-p\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_l26cpu-p\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"l26cpu-bt\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*\"], \"vendor\": \"mitsubishielectric\", \"product\": \"melsec_l26cpu-pbt\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"xxxxx26041\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T19:58:00.940Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Remote Code Execution\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q03UDECPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q04UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q06UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q10UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q13UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q20UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q26UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q50UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q100UDEHCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q03UDVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q04UDVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q06UDVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q13UDVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q26UDVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q04UDPVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q06UDPVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q13UDPVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-Q Series Q26UDPVCPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26061\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L02CPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L06CPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L26CPU\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L02CPU-P\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L06CPU-P\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L26CPU-P\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L26CPU-BT\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Mitsubishi Electric Corporation\", \"product\": \"MELSEC-L Series L26CPU-PBT\", \"versions\": [{\"status\": \"affected\", \"version\": \"The first 5 digits of serial No. \\\"26041\\\" and prior\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-03-14T03:00:00.000Z\", \"references\": [{\"url\": \"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99690199/\", \"tags\": [\"government-resource\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14\", \"tags\": [\"government-resource\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190 Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"e0f77b61-78fd-4786-b3fb-1ee347a748ad\", \"shortName\": \"Mitsubishi\", \"dateUpdated\": \"2024-06-14T00:05:06.682Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-1917\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-27T19:58:12.567Z\", \"dateReserved\": \"2024-02-27T06:32:47.752Z\", \"assignerOrgId\": \"e0f77b61-78fd-4786-b3fb-1ee347a748ad\", \"datePublished\": \"2024-03-15T00:02:39.351Z\", \"assignerShortName\": \"Mitsubishi\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-V4PW-HGQP-3VV5

Vulnerability from github – Published: 2024-03-15 03:30 – Updated: 2024-03-15 03:30

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-1917"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-15T01:15:58Z",
    "severity": "CRITICAL"
  },
  "details": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.",
  "id": "GHSA-v4pw-hgqp-3vv5",
  "modified": "2024-03-15T03:30:52Z",
  "published": "2024-03-15T03:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1917"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU99690199"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-24-074-14

Vulnerability from csaf_cisa - Published: 2024-03-14 06:00 - Updated: 2024-06-13 06:00

Summary

Mitsubishi Electric MELSEC-Q/L Series (Update B)

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow a remote attacker to be able to read arbitrary information or execute malicious code on a target product by sending a specially crafted packet.

Critical infrastructure sectors

Critical Manufacturing

Countries/areas deployed

Worldwide

Company headquarters location

Japan

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Anton Dorfman"
        ],
        "organization": "Positive Technologies",
        "summary": "reporting these vulnerabilities to Mitsubishi Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow a remote attacker to be able to read arbitrary information or execute malicious code on a target product by sending a specially crafted packet.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-074-14 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-074-14.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSA-24-074-14 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "Mitsubishi Electric MELSEC-Q/L Series (Update B)",
    "tracking": {
      "current_release_date": "2024-06-13T06:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-24-074-14",
      "initial_release_date": "2024-03-14T06:00:00.000000Z",
      "revision_history": [
        {
          "date": "2024-03-14T06:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2024-05-16T06:00:00.000000Z",
          "legacy_version": "Update A",
          "number": "2",
          "summary": "Update A - Update to the affected products and mitigations"
        },
        {
          "date": "2024-06-13T06:00:00.000000Z",
          "legacy_version": "Update B",
          "number": "3",
          "summary": "Update B - Update to the affected products and mitigations"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q03UDECPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q03UDECPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q04UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q04UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q06UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q06UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q10UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q10UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q13UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q13UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q20UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q20UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q26UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q26UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q50UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q50UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q100UDEHCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q100UDEHCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q03UDVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q03UDVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q04UDVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q04UDVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q06UDVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0012"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q06UDVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q13UDVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0013"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q13UDVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q26UDVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0014"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q26UDVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q04UDPVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0015"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q04UDPVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q06UDPVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0016"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q06UDPVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q13UDPVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0017"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q13UDPVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26061\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-Q Series Q26UDPVCPU: \u003c=The_first_5_digits_of_serial_No._\"26061\"",
                  "product_id": "CSAFPID-0018"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-Q Series Q26UDPVCPU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26041\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-L Series L02CPU(-P): \u003c=The_first_5_digits_of_serial_No._\"26041\"",
                  "product_id": "CSAFPID-0019"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-L Series L02CPU(-P)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26041\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-L Series L06CPU(-P): \u003c=The_first_5_digits_of_serial_No._\"26041\"",
                  "product_id": "CSAFPID-0020"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-L Series L06CPU(-P)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26041\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-L Series L26CPU(-P): \u003c=The_first_5_digits_of_serial_No._\"26041\"",
                  "product_id": "CSAFPID-0021"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-L Series L26CPU(-P)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=The_first_5_digits_of_serial_No._\"26041\"",
                "product": {
                  "name": "Mitsubishi Electric MELSEC-L Series L26CPU-(P)BT: \u003c=The_first_5_digits_of_serial_No._\"26041\"",
                  "product_id": "CSAFPID-0022"
                }
              }
            ],
            "category": "product_name",
            "name": "MELSEC-L Series L26CPU-(P)BT"
          }
        ],
        "category": "vendor",
        "name": "Mitsubishi Electric"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0802",
      "cwe": {
        "id": "CWE-468",
        "name": "Incorrect Pointer Scaling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Mitsubishi Electric MELSEC-Q/L Series a remote attacker may be able to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013",
          "CSAFPID-0014",
          "CSAFPID-0015",
          "CSAFPID-0016",
          "CSAFPID-0017",
          "CSAFPID-0018",
          "CSAFPID-0019",
          "CSAFPID-0020",
          "CSAFPID-0021",
          "CSAFPID-0022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0802"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric released the fixed version of the product:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q03/04/06/13/26UDVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q04/06/13/26UDPVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT: firmware versions where the first 5 digits of serial No. \"26042\" or later",
          "product_ids": [
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that users consider replacing with MELSEC iQ-R Series.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict physical access to the affected product as well as to the personal computers and the network devices that can communicate with it.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install antivirus software on your personal computer that can access the affected product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For specific additional details, see Mitsubishi Electric advisory 2023-024.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2024-0803",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Mitsubishi Electric MELSEC-Q/L Series a remote attacker may be able to execute malicious code on a target product by sending a specially crafted packet",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013",
          "CSAFPID-0014",
          "CSAFPID-0015",
          "CSAFPID-0016",
          "CSAFPID-0017",
          "CSAFPID-0018",
          "CSAFPID-0019",
          "CSAFPID-0020",
          "CSAFPID-0021",
          "CSAFPID-0022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0803"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric released the fixed version of the product:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q03/04/06/13/26UDVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q04/06/13/26UDPVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT: firmware versions where the first 5 digits of serial No. \"26042\" or later",
          "product_ids": [
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that users consider replacing with MELSEC iQ-R Series.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict physical access to the affected product as well as to the personal computers and the network devices that can communicate with it.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install antivirus software on your personal computer that can access the affected product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For specific additional details, see Mitsubishi Electric advisory 2023-024.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2024-1915",
      "cwe": {
        "id": "CWE-468",
        "name": "Incorrect Pointer Scaling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Mitsubishi Electric MELSEC-Q/L Series a remote attacker may be able to execute malicious code on a target product by sending a specially crafted packet",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013",
          "CSAFPID-0014",
          "CSAFPID-0015",
          "CSAFPID-0016",
          "CSAFPID-0017",
          "CSAFPID-0018",
          "CSAFPID-0019",
          "CSAFPID-0020",
          "CSAFPID-0021",
          "CSAFPID-0022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1915"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric released the fixed version of the product:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q03/04/06/13/26UDVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q04/06/13/26UDPVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT: firmware versions where the first 5 digits of serial No. \"26042\" or later",
          "product_ids": [
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that users consider replacing with MELSEC iQ-R Series.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict physical access to the affected product as well as to the personal computers and the network devices that can communicate with it.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install antivirus software on your personal computer that can access the affected product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For specific additional details, see Mitsubishi Electric advisory 2023-024.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2024-1916",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Mitsubishi Electric MELSEC-Q/L Series a remote attacker may be able to execute malicious code on a target product by sending a specially crafted packet",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013",
          "CSAFPID-0014",
          "CSAFPID-0015",
          "CSAFPID-0016",
          "CSAFPID-0017",
          "CSAFPID-0018",
          "CSAFPID-0019",
          "CSAFPID-0020",
          "CSAFPID-0021",
          "CSAFPID-0022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1916"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric released the fixed version of the product:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q03/04/06/13/26UDVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q04/06/13/26UDPVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT: firmware versions where the first 5 digits of serial No. \"26042\" or later",
          "product_ids": [
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that users consider replacing with MELSEC iQ-R Series.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict physical access to the affected product as well as to the personal computers and the network devices that can communicate with it.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install antivirus software on your personal computer that can access the affected product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For specific additional details, see Mitsubishi Electric advisory 2023-024.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2024-1917",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Mitsubishi Electric MELSEC-Q/L Series a remote attacker may be able to execute malicious code on a target product by sending a specially crafted packet",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013",
          "CSAFPID-0014",
          "CSAFPID-0015",
          "CSAFPID-0016",
          "CSAFPID-0017",
          "CSAFPID-0018",
          "CSAFPID-0019",
          "CSAFPID-0020",
          "CSAFPID-0021",
          "CSAFPID-0022"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1917"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric released the fixed version of the product:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q03/04/06/13/26UDVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-Q Series Q04/06/13/26UDPVCPU: firmware versions where the first 5 digits of serial No. \"26062\" or later",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT: firmware versions where the first 5 digits of serial No. \"26042\" or later",
          "product_ids": [
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that users consider replacing with MELSEC iQ-R Series.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict physical access to the affected product as well as to the personal computers and the network devices that can communicate with it.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install antivirus software on your personal computer that can access the affected product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        },
        {
          "category": "mitigation",
          "details": "For specific additional details, see Mitsubishi Electric advisory 2023-024.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ],
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013",
            "CSAFPID-0014",
            "CSAFPID-0015",
            "CSAFPID-0016",
            "CSAFPID-0017",
            "CSAFPID-0018",
            "CSAFPID-0019",
            "CSAFPID-0020",
            "CSAFPID-0021",
            "CSAFPID-0022"
          ]
        }
      ]
    }
  ]
}

FKIE_CVE-2024-1917

Vulnerability from fkie_nvd - Published: 2024-03-15 01:15 - Updated: 2024-11-21 08:51

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://jvn.jp/vu/JVNVU99690199/
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
	Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf
	af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/vu/JVNVU99690199/
	af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14
	af854a3a-2127-422b-91ae-364da2661108	https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de desbordamiento de enteros o envoltura en los m\u00f3dulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute c\u00f3digo malicioso en un producto objetivo enviando un paquete especialmente manipulado."
    }
  ],
  "id": "CVE-2024-1917",
  "lastModified": "2024-11-21T08:51:35.613",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-15T01:15:58.590",
  "references": [
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://jvn.jp/vu/JVNVU99690199/"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
    },
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://jvn.jp/vu/JVNVU99690199/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
    }
  ],
  "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "type": "Secondary"
    }
  ]
}

CNVD-2024-26019

Vulnerability from cnvd - Published: 2024-06-06

Title

Mitsubishi Electric MELSEC-Q Series和MELSEC-L Series远程代码执行漏洞

Description

Mitsubishi Electric MELSEC-Q Series是日本Mitsubishi Electric公司的一款MELSEC-Q系列的可编程逻辑控制器。Mitsubishi MELSEC-L Series是日本Mitsubishi公司的一款MELSEC-L系列的可编程逻辑控制器。 Mitsubishi Electric MELSEC-Q Series和MELSEC-L Series存在远程代码执行漏洞，远程攻击者可利用该漏洞通过发送特制的数据包在目标产品上执行恶意代码。

Severity

高

Patch Name

Mitsubishi Electric MELSEC-Q Series和MELSEC-L Series远程代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf

Reference

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf

Impacted products

Name
['Mitsubishi Electric MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT <=26041', 'Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU', 'Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU', 'Mitsubishi Electric MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-1917",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-1917"
    }
  },
  "description": "Mitsubishi Electric MELSEC-Q Series\u662f\u65e5\u672cMitsubishi Electric\u516c\u53f8\u7684\u4e00\u6b3eMELSEC-Q\u7cfb\u5217\u7684\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002Mitsubishi MELSEC-L Series\u662f\u65e5\u672cMitsubishi\u516c\u53f8\u7684\u4e00\u6b3eMELSEC-L\u7cfb\u5217\u7684\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002\n\nMitsubishi Electric MELSEC-Q Series\u548cMELSEC-L Series\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u6570\u636e\u5305\u5728\u76ee\u6807\u4ea7\u54c1\u4e0a\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-26019",
  "openTime": "2024-06-06",
  "patchDescription": "Mitsubishi Electric MELSEC-Q Series\u662f\u65e5\u672cMitsubishi Electric\u516c\u53f8\u7684\u4e00\u6b3eMELSEC-Q\u7cfb\u5217\u7684\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002Mitsubishi MELSEC-L Series\u662f\u65e5\u672cMitsubishi\u516c\u53f8\u7684\u4e00\u6b3eMELSEC-L\u7cfb\u5217\u7684\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002\r\n\r\nMitsubishi Electric MELSEC-Q Series\u548cMELSEC-L Series\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u6570\u636e\u5305\u5728\u76ee\u6807\u4ea7\u54c1\u4e0a\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mitsubishi Electric MELSEC-Q Series\u548cMELSEC-L Series\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mitsubishi Electric MELSEC-L Series L02/06/26CPU(-P), L26CPU-(P)BT \u003c=26041",
      "Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU",
      "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU",
      "Mitsubishi Electric MELSEC-Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU"
    ]
  },
  "referenceLink": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2024-03-19",
  "title": "Mitsubishi Electric MELSEC-Q Series\u548cMELSEC-L Series\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GSD-2024-1917

Vulnerability from gsd - Updated: 2024-02-28 06:02

Details

Aliases

CVE-2024-1917

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-1917"
      ],
      "details": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.",
      "id": "GSD-2024-1917",
      "modified": "2024-02-28T06:02:29.341518Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "ID": "CVE-2024-1917",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "MELSEC-Q Series Q03UDECPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q04UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q06UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q10UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q13UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q20UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q26UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q50UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q100UDEHCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q03UDVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q04UDVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q06UDVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q13UDVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q26UDVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q04UDPVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q06UDPVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q13UDPVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-Q Series Q26UDPVCPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L02CPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L06CPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L26CPU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L02CPU-P",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L06CPU-P",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L26CPU-P",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L26CPU-BT",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "MELSEC-L Series L26CPU-PBT",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Mitsubishi Electric Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-190",
                "lang": "eng",
                "value": "CWE-190 Integer Overflow or Wraparound"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf",
            "refsource": "MISC",
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
          },
          {
            "name": "https://jvn.jp/vu/JVNVU99690199/",
            "refsource": "MISC",
            "url": "https://jvn.jp/vu/JVNVU99690199/"
          },
          {
            "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14",
            "refsource": "MISC",
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
          },
          {
            "lang": "es",
            "value": "Vulnerabilidad de desbordamiento de enteros o envoltura en los m\u00f3dulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute c\u00f3digo malicioso en un producto objetivo enviando un paquete especialmente manipulado."
          }
        ],
        "id": "CVE-2024-1917",
        "lastModified": "2024-03-15T12:53:06.423",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-03-15T01:15:58.590",
        "references": [
          {
            "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "url": "https://jvn.jp/vu/JVNVU99690199/"
          },
          {
            "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
          },
          {
            "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
          }
        ],
        "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-190"
              }
            ],
            "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

VAR-202403-0662

Vulnerability from variot - Updated: 2024-06-08 22:56

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Mitsubishi Electric MELSEC-Q Series is a MELSEC-Q series programmable logic controller of Mitsubishi Electric of Japan. Mitsubishi MELSEC-L Series is a MELSEC-L series programmable logic controller of Mitsubishi of Japan

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0662",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "electric melsec-l series l02/06/26cpu l26cpu- bt",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "mitsubishi",
        "version": "\u003c=26041"
      },
      {
        "model": "electric melsec-q series q04/06/13/26udpvcpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "mitsubishi",
        "version": null
      },
      {
        "model": "electric melsec-q series q03/04/06/13/26udvcpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "mitsubishi",
        "version": null
      },
      {
        "model": "electric melsec-q series q03udecpu q04/06/10/13/20/26/50/100udehcpu",
        "scope": null,
        "trust": 0.6,
        "vendor": "mitsubishi",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ]
  },
  "cve": "CVE-2024-1917",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2024-26019",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
            "id": "CVE-2024-1917",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-26019",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Mitsubishi Electric MELSEC-Q Series is a MELSEC-Q series programmable logic controller of Mitsubishi Electric of Japan. Mitsubishi MELSEC-L Series is a MELSEC-L series programmable logic controller of Mitsubishi of Japan",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-1917",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-24-074-14",
        "trust": 1.0
      },
      {
        "db": "JVN",
        "id": "JVNVU99690199",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "id": "VAR-202403-0662",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ]
  },
  "last_update_date": "2024-06-08T22:56:39.143000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series Remote Code Execution Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/554326"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-190",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://jvn.jp/vu/jvnvu99690199/"
      },
      {
        "trust": 1.0,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-06-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "date": "2024-03-15T01:15:58.590000",
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-06-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      },
      {
        "date": "2024-03-15T12:53:06.423000",
        "db": "NVD",
        "id": "CVE-2024-1917"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-26019"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-1917 (GCVE-0-2024-1917)

GHSA-V4PW-HGQP-3VV5

ICSA-24-074-14

FKIE_CVE-2024-1917

CNVD-2024-26019

GSD-2024-1917

VAR-202403-0662

Tags

Sightings

Nomenclature