HIGH🇵🇱 Wersja polska

CVE-2016-8368

CVSS 8.6v3.1pub. 2017-02-13upd. 2026-05-13

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Mitsubishielectric Qj71e71 100

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Qj71e71 100 Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Qj71e71 B2

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Qj71e71 B2 Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Qj71e71 B5

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Qj71e71 B5 Firmware

    OS
    Mitsubishielectric
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2020-16226CRITICAL9.8ten sam produkt

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious a...

CVE-2019-10977HIGH7.5ten sam produkt

In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker ...

CVE-2016-8370HIGH7.5ten sam produkt

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-1...

CVE-2023-6943CRITICAL9.8PL ✓ten sam vendor

Unsafe Reflection w oprogramowaniu Mitsubishi Electric — zdalne wykonanie kodu

CVE-2023-4699CRITICAL10.0ten sam vendor

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series ...