FlagThis

CyberSecurity updates
Updated: 2024-10-22 07:45:27 Pacfic
mitsubishielectric.com
Vulnerabilities in Mitsubishi Electric MELSEC iQ-F FX5-OPC Communication Units - 10d

Read more: www.mitsubishielectric.com

Mitsubishi Electric has identified a vulnerability, tracked as CVE-2024-0727, in its MELSEC iQ-F FX5-OPC communication units. The vulnerability is a NULL pointer dereference flaw that can be exploited by malicious actors to cause denial-of-service (DoS) conditions. The attacker could exploit this vulnerability by using a specially crafted PKCS#12 format certificate and getting a legitimate user to import it. This could cause the affected device to crash or become unresponsive, disrupting industrial operations. Mitsubishi Electric has not released a patch for this vulnerability and has recommended mitigation steps to minimize the risk of exploitation.

References:
  • Over Security - Mitsubishi Electric's MELSEC iQ-F FX5-OPC communication units are affected by a NULL pointer dereference vulnerability ( ) that malicious actors could exploit to create denial-of-service (DoS) conditi - 10d
  • nvd.nist.gov - Mitsubishi Electric's MELSEC iQ-F FX5-OPC communication units are affected by a NULL pointer dereference vulnerability ( ) that malicious actors could exploit to create denial-of-service (DoS) conditi - 10d
  • www.zeroscience.mk - Mitsubishi Electric's MELSEC iQ-F FX5-OPC communication units are affected by a NULL pointer dereference vulnerability ( ) that malicious actors could exploit to create denial-of-service (DoS) conditi - 10d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.