PT-2024-8942 · Mitsubishi · Melsec Iq-F Series Fx5-Enet/Ip
Published
2024-11-18
·
Updated
2024-11-20
·
CVE-2024-8403
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later
Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP versions 1.100 to 1.104
Description:
The issue is related to improper validation of specified input types, allowing a remote attacker to cause a Denial of Service condition in Ethernet communication by sending specially crafted SLMP packets.
Recommendations:
For versions 1.100 and later of FX5-ENET, update to a version that includes the fix for this issue.
For versions 1.100 to 1.104 of FX5-ENET/IP, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the SLMP packet handler to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Melsec Iq-F Series Fx5-Enet/Ip