Rewterz Threat Advisory – ICS: Multiple Mitsubishi Electric MELSEC Series Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-1917 CVSS:9.8

Mitsubishi Electric MELSEC-Q/L Series could allow a remote attacker to execute arbitrary code on the system, caused by integer overflow or wraparound. By sending a specially crafted packet, an attacker could exploit this vulnerability to execute malicious code.

CVE-2024-1916 CVSS:9.8

Mitsubishi Electric MELSEC-Q/L Series could allow a remote attacker to execute arbitrary code on the system, caused by integer overflow or wraparound. By sending a specially crafted packet, an attacker could exploit this vulnerability to execute malicious code.

CVE-2024-1915 CVSS:9.8

Mitsubishi Electric MELSEC-Q/L Series could allow a remote attacker to execute arbitrary code on the system, caused by incorrect pointer scaling. By sending a specially crafted packet, an attacker could exploit this vulnerability to execute malicious code.

CVE-2024-0803 CVSS:9.8

Mitsubishi Electric MELSEC-Q/L Series could allow a remote attacker to execute arbitrary code on the system, caused by integer overflow or wraparound. By sending a specially crafted packet, an attacker could exploit this vulnerability to execute malicious code.

CVE-2024-0802 CVSS:9.8

Mitsubishi Electric MELSEC-Q/L Series could allow a remote attacker to execute arbitrary code on the system, caused by incorrect pointer scaling. By sending a specially crafted packet, an attacker could exploit this vulnerability to read arbitrary information or execute malicious code.

Impact

• Gain Access

Indicators Of Compromise

CVE

• CVE-2024-1917
• CVE-2024-1916
• CVE-2024-1915
• CVE-2024-0803
• CVE-2024-0802

Affected Vendors

Mitsubishi Electric

Affected Products

• Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU
• Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU

Remediation

Refer to Mitsubishi Electric advisory for patch, upgrade or suggested workaround information.

Mitsubishi Electric advisory