Severity
High
Analysis Summary
CVE-2023-0457
Mitsubishi Electric products could allow a remote attacker to obtain sensitive information, caused by plaintext storage of a password. By sniffing encrypted communications, an attacker could exploit this vulnerability to obtain the password and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-0457
Affected Vendors
Mitsubishi Electric
Affected Products
- Mitsubishi Electric MELSEC iQ-F series
Remediation
Refer to Mitsubishi Electric Advisory for patch, upgrade or suggested workaround information.