CVE-2023-1424 - OpenCVE

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Mitsubishielectric	Melsec Iq-fx5u-80mt\/ess Melsec Iq-fx5u-64mr\/es Firmware Melsec Iq-fx5u-32mt\/es Melsec Iq-fx5u-32mt\/dss Melsec Iq-fx5uc-64mr\/ds Firmware Melsec Iq-fx5u-80mr\/ds Melsec Iq-fx5uc-96mr\/ds Firmware Melsec Iq-fx5uc-32mr\/ds Firmware Melsec Iq-fx5u-80mt\/ds Melsec Iq-fx5u-32mt\/dss Firmware Melsec Iq-fx5u-32mr\/ess Melsec Iq-fx5u-64mt\/ds Firmware Melsec Iq-fx5u-64mr\/dss Melsec Iq-fx5u-80mr\/dss Firmware Melsec Iq-fx5uc-96mt\/dds Melsec Iq-fx5u-80mt\/dss Firmware Melsec Iq-fx5uc-32mt\/ds Melsec Iq-fx5u-32mr\/dss Melsec Iq-fx5u-64mr\/ess Melsec Iq-fx5uc-64mt\/ds Melsec Iq-fx5uc-64mr\/dds Firmware Melsec Iq-fx5u-80mr\/ds Firmware Melsec Iq-fx5uc-96mr\/dds Melsec Iq-fx5u-64mt\/dss Firmware Melsec Iq-fx5uc-96mr\/ds Melsec Iq-fx5u-80mt\/es Firmware Melsec Iq-fx5uc-64mt\/ds Firmware Melsec Iq-fx5u-80mt\/ds Firmware Melsec Iq-fx5u-80mr\/ess Melsec Iq-fx5uc-96mt\/dds Firmware Melsec Iq-fx5u-80mt\/dss Melsec Iq-fx5u-32mt\/ds Melsec Iq-fx5u-32mt\/ds Firmware Melsec Iq-fx5u-32mr\/es Firmware Melsec Iq-fx5u-80mr\/es Melsec Iq-fx5u-32mr\/es Melsec Iq-fx5u-64mt\/es Firmware Melsec Iq-fx5uc-32mt\/dds Firmware Melsec Iq-fx5u-32mt\/es Firmware Melsec Iq-fx5u-32mt\/ess Melsec Iq-fx5uc-96mt\/ds Melsec Iq-fx5u-64mt\/dss Melsec Iq-fx5uc-64mt\/dds Firmware Melsec Iq-fx5u-64mr\/dss Firmware Melsec Iq-fx5uc-32mr\/dds Firmware Melsec Iq-fx5u-80mt\/ess Firmware Melsec Iq-fx5uc-96mr\/dds Firmware Melsec Iq-fx5u-64mt\/ess Melsec Iq-fx5u-64mr\/ess Firmware Melsec Iq-fx5u-32mt\/ess Firmware Melsec Iq-fx5uc-32mt\/ds-ts Firmware Melsec Iq-fx5u-32mr\/ds Firmware Melsec Iq-fx5uc-32mr\/ds-ts Firmware Melsec Iq-fx5u-64mt\/ds Melsec Iq-fx5uc-32mr\/dds Melsec Iq-fx5u-80mt\/es Melsec Iq-fx5uc-64mr\/ds Melsec Iq-fx5uc-32mt\/ds Firmware Melsec Iq-fx5uc-32mt\/dss-ts Firmware Melsec Iq-fx5u-64mr\/ds Firmware Melsec Iq-fx5u-64mr\/ds Melsec Iq-fx5u-64mt\/es Melsec Iq-fx5u-80mr\/ess Firmware Melsec Iq-fx5u-32mr\/ds Melsec Iq-fx5u-32mr\/ess Firmware Melsec Iq-fx5uc-96mt\/ds Firmware Melsec Iq-fx5u-80mr\/es Firmware Melsec Iq-fx5uc-32mr\/ds Melsec Iq-fx5uc-32mt\/dss-ts Melsec Iq-fx5uc-32mt\/ds-ts Melsec Iq-fx5uc-64mt\/dds Melsec Iq-fx5uc-32mt\/dds Melsec Iq-fx5u-32mr\/dss Firmware Melsec Iq-fx5uc-32mr\/ds-ts Melsec Iq-fx5uc-64mr\/dds Melsec Iq-fx5u-64mr\/es Melsec Iq-fx5u-64mt\/ess Firmware Melsec Iq-fx5u-80mr\/dss

Configuration 1 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/ds:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/dss:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/es:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mr\/ess:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/ds:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/dss:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/es:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-32mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-32mt\/ess:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/ds:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/dss:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/es:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mr\/ess:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/ds:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/dss:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/es:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-64mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-64mt\/ess:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/ds:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/dss:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/es:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mr\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mr\/ess:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/ds:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/dss_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/dss:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/es_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/es:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5u-80mt\/ess_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5u-80mt\/ess:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/dds:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mr\/ds-ts:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/dds:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/dss-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/dss-ts:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds-ts_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-32mt\/ds-ts:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\/dds:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mr\/ds:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\/dds:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-64mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-64mt\/ds:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\/dds:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mr\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mr\/ds:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\/dds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\/dds:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:mitsubishielectric:melsec_iq-fx5uc-96mt\/ds_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:melsec_iq-fx5uc-96mt\/ds:-:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/vu/JVNVU94650413	Third Party Advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03	Third Party Advisory US Government Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf	Patch Vendor Advisory