← voltar
CVE-2023-3346

Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series

CVSS 9.8 CRITICALEPSS 1.7%CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Mitsubishi Electric Corporation · MITSUBISHI CNC C80 Series C80Mitsubishi Electric Corporation · MITSUBISHI CNC E70 Series E70Mitsubishi Electric Corporation · MITSUBISHI CNC E80 Series E80Mitsubishi Electric Corporation · MITSUBISHI CNC IoT Unit Data Acquisition UnitMitsubishi Electric Corporation · MITSUBISHI CNC IoT Unit Remote Service Gateway UnitMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M720VSMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M720VWMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M730VSMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M730VWMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M750VSMitsubishi Electric Corporation · MITSUBISHI CNC M700V Series M750VWMitsubishi Electric Corporation · MITSUBISHI CNC M70V Series M70VMitsubishi Electric Corporation · MITSUBISHI CNC M800 Series M800SMitsubishi Electric Corporation · MITSUBISHI CNC M800 Series M800WMitsubishi Electric Corporation · MITSUBISHI CNC M800V Series M800VSMitsubishi Electric Corporation · MITSUBISHI CNC M800V Series M800VWMitsubishi Electric Corporation · MITSUBISHI CNC M80 Series M80Mitsubishi Electric Corporation · MITSUBISHI CNC M80 Series M80WMitsubishi Electric Corporation · MITSUBISHI CNC M80V Series M80VMitsubishi Electric Corporation · MITSUBISHI CNC M80V Series M80VW

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jvn.jp/vu/JVNVU90352157/index.htmlhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf