Heea Go

**Name of the Vulnerable Software and Affected Versions** Mitsubishi Electric Corporation MELSEC iQ-F Series versions all Mitsubishi Electric Corporation MELSEC iQ-R Series versions all Mitsubishi Electric Corporation MELSEC-Q Series versions all Mitsubishi Electric Corporation MELSEC-L Series versions all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U CPU modules version all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules version all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ CPU modules version all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S CPU modules version all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET version all Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP version all **Description** The issue concerns a Plaintext Storage of a Password vulnerability, allowing a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into the FTP server or Web server. **Recommendations** For Mitsubishi Electric Corporation MELSEC iQ-F Series, consider disabling the storage of plaintext passwords in project files until a patch is available. For Mitsubishi Electric Corporation MELSEC iQ-R Series, restrict access to the FTP server and Web server to minimize the risk of exploitation. For Mitsubishi Electric Corporation MELSEC-Q Series, avoid using plaintext credentials in project files until the issue is resolved. For Mitsubishi Electric Corporation MELSEC-L Series, restrict access to the FTP server and Web server to minimize the risk of exploitation. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U CPU modules, consider disabling the storage of plaintext passwords in project files until a patch is available. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules, restrict access to the FTP server and Web server to minimize the risk of exploitation. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ CPU modules, avoid using plaintext credentials in project files until the issue is resolved. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S CPU modules, restrict access to the FTP server and Web server to minimize the risk of exploitation. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET, consider disabling the storage of plaintext passwords in project files until a patch is available. For Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP, restrict access to the FTP server and Web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to missing authentication for critical functions in the PLC, which could allow an attacker to change the PLC's mode arbitrarily. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider implementing authentication mechanisms to restrict access to critical functions until a patch is available. As a temporary workaround, restrict access to the PLC to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to improper access control in the read prohibition feature of the device. This could allow a remote attacker to set the feature to lock users out of reading data from the device. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider restricting access to the read prohibition feature until a patch is available. As a temporary workaround, limit the ability of remote attackers to modify the feature settings to prevent users from being locked out of reading data from the device. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to the transmission of sensitive information in cleartext when the device communicates over its XGT protocol. This could allow an attacker to gain sensitive information, such as user credentials. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider restricting access to the XGT protocol to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to inadequate access control to the PLC over its internal XGT protocol. An attacker could potentially control and tamper with the PLC by sending specially crafted packets to the PLC over its XGT protocol. This could allow a remote attacker to gain control and manage the controller's operation. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider restricting access to the XGT protocol to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the ability to send packets to the PLC over its XGT protocol. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is caused by a buffer overflow in the memory of the programmable logic controller. If an attacker accesses memory locations outside of the communication buffer, the device stops operating, potentially allowing a remote attacker to cause a denial-of-service condition. **Recommendations** For version 01.80, consider restricting access to memory locations outside of the communication buffer to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to the absence of authentication for a critical function in the programmable logic controller's software. This could allow a remote attacker to elevate their privileges and gain control of the device by creating an account with elevated privileges. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider implementing authentication mechanisms to restrict access to critical functions, such as user creation on the PLC, until a patch is available. As a temporary workaround, restrict access to the device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LS ELECTRIC XBC-DN32U version 01.80 **Description** The issue is related to the lack of authentication for a critical function in the LS ELECTRIC XBC-DN32U, specifically its deletion command. This could allow an attacker to delete arbitrary files. The exploitation of this issue may enable a remote attacker to perform unauthorized file deletion. **Recommendations** For LS ELECTRIC XBC-DN32U version 01.80, consider disabling the deletion command functionality until a patch or fix is available to address the lack of authentication. Restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.