CWE-468
Incorrect Pointer Scaling
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled.
CVE-2024-0802 (GCVE-0-2024-0802)
Vulnerability from cvelistv5 – Published: 2024-03-14 23:57 – Updated: 2024-08-01 18:18
VLAI
Summary
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-468 - Incorrect Pointer Scaling
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU99690199/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
51 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q03UDECPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q10UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q20UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q50UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q100UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q03UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L02CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L06CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L02CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L06CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-BT |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-PBT |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| mitsubishielectric | melsec_q-q03udecpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q04udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q06udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q10udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q13udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q20udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q26udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q50udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q100udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q03udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q04udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q06udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q13udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q26udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q06udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q13udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q26udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | l02cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_l06cpu\(-p\) |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishi:melsec_l06cpu\(-p\):-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_l26cpu\(-p\) |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishi:melsec_l26cpu\(-p\):-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l02cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l06cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l26cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | l26cpu-bt |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l26cpu-pbt |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:* |
Date Public
2024-03-14 03:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q03udecpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q04udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q06udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q10udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q13udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q20udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q26udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q50udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q100udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q03udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q04udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q06udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q13udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q26udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q06udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q13udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q26udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l02cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_l06cpu\\(-p\\):-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l06cpu\\(-p\\)",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_l26cpu\\(-p\\):-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu\\(-p\\)",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l02cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l06cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l26cpu-bt",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu-pbt",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T00:29:47.319671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T01:00:21.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
},
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU99690199/"
},
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDECPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q10UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q20UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q50UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q100UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-BT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-PBT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
}
],
"datePublic": "2024-03-14T03:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet."
}
],
"value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure and Remote Code Execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-468",
"description": "CWE-468 Incorrect Pointer Scaling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T00:03:03.747Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU99690199/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2024-0802",
"datePublished": "2024-03-14T23:57:07.390Z",
"dateReserved": "2024-01-23T00:04:23.168Z",
"dateUpdated": "2024-08-01T18:18:18.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1915 (GCVE-0-2024-1915)
Vulnerability from cvelistv5 – Published: 2024-03-15 00:00 – Updated: 2024-08-27 19:56
VLAI
Summary
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-468 - Incorrect Pointer Scaling
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU99690199/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
51 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q03UDECPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q10UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q20UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q50UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q100UDEHCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q03UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q04UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q06UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q13UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-Q Series Q26UDPVCPU |
Affected:
The first 5 digits of serial No. "26061" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L02CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L06CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L02CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L06CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-P |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-BT |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| Mitsubishi Electric Corporation | MELSEC-L Series L26CPU-PBT |
Affected:
The first 5 digits of serial No. "26041" and prior
|
|
| mitsubishielectric | melsec_q-q03udecpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q04udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q06udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q10udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q13udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q20udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q26udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q50udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_q-q100udehcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q03udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q04udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q06udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q13udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q26udvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q06udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q13udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_q26udpvcpu |
Affected:
0 , < xxxxx26061
(custom)
cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | l02cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_l06cpu\(-p\) |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishi:melsec_l06cpu\(-p\):-:*:*:*:*:*:*:* |
|
| mitsubishi | melsec_l26cpu\(-p\) |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishi:melsec_l26cpu\(-p\):-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l02cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l06cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l26cpu-p |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | l26cpu-bt |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:* |
|
| mitsubishielectric | melsec_l26cpu-pbt |
Affected:
0 , < xxxxx26041
(custom)
cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:* |
Date Public
2024-03-14 03:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:56:22.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
},
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU99690199/"
},
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q03udecpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q03udecpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q04udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q04udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q06udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q06udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q10udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q10udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q13udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q13udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q20udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q20udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q26udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q26udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q50udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q50udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_q-q100udehcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q-q100udehcpu",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q03udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q03udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q04udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q04udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q06udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q06udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q13udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q13udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q26udvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q26udvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q06udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q06udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q13udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q13udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_q26udpvcpu:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_q26udpvcpu",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26061",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l02cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_l06cpu\\(-p\\):-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l06cpu\\(-p\\)",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishi:melsec_l26cpu\\(-p\\):-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu\\(-p\\)",
"vendor": "mitsubishi",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l02cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l02cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l06cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l06cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-p:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu-p",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l26cpu-bt",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:mitsubishielectric:melsec_l26cpu-pbt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "melsec_l26cpu-pbt",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThan": "xxxxx26041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T15:51:36.118417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T19:56:54.512Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDECPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q10UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q20UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q50UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q100UDEHCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q03UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q04UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q06UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q13UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-Q Series Q26UDPVCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26061\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L02CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L06CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-P",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-BT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC-L Series L26CPU-PBT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "The first 5 digits of serial No. \"26041\" and prior"
}
]
}
],
"datePublic": "2024-03-14T03:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
}
],
"value": "Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Remote Code Execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-468",
"description": "CWE-468 Incorrect Pointer Scaling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T00:04:05.170Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU99690199/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2024-1915",
"datePublished": "2024-03-15T00:00:46.607Z",
"dateReserved": "2024-02-27T06:32:39.218Z",
"dateUpdated": "2024-08-27T19:56:54.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-34194 (GCVE-0-2026-34194)
Vulnerability from cvelistv5 – Published: 2026-06-08 14:58 – Updated: 2026-06-08 18:55
VLAI
Title
GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.
The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-468 - Incorrect Pointer Scaling
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Imagination Technologies | Graphics DDK |
Unaffected:
1.18 RTM
(custom)
Unaffected: 23.2 RTM (custom) Affected: 24.2 RTM (custom) Affected: 25.1 RTM , ≤ 25.3 RTM (custom) Affected: 26.1 RTM (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-34194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-08T18:54:26.516443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-08T18:55:08.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Linux",
"Android"
],
"product": "Graphics DDK",
"vendor": "Imagination Technologies",
"versions": [
{
"status": "unaffected",
"version": "1.18 RTM",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "23.2 RTM",
"versionType": "custom"
},
{
"status": "affected",
"version": "24.2 RTM",
"versionType": "custom"
},
{
"lessThanOrEqual": "25.3 RTM",
"status": "affected",
"version": "25.1 RTM",
"versionType": "custom"
},
{
"status": "affected",
"version": "26.1 RTM",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSoftware installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.\u003c/p\u003e\u003cp\u003eThe product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.\u003c/p\u003e"
}
],
"value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation.\n\n\n\nThe product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes."
}
],
"impacts": [
{
"capecId": "CAPEC-123",
"descriptions": [
{
"lang": "en",
"value": "CAPEC - CAPEC-123: Buffer Manipulation (Version 3.9)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-468",
"description": "CWE-468: Incorrect Pointer Scaling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-08T14:58:40.452Z",
"orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"shortName": "imaginationtech"
},
"references": [
{
"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"assignerShortName": "imaginationtech",
"cveId": "CVE-2026-34194",
"datePublished": "2026-06-08T14:58:40.452Z",
"dateReserved": "2026-03-26T13:47:30.669Z",
"dateUpdated": "2026-06-08T18:55:08.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Use a platform with high-level memory abstractions.
Mitigation
Phase: Implementation
Description:
- Always use array indexing instead of direct pointer manipulation.
Mitigation
Phase: Architecture and Design
Description:
- Use technologies for preventing buffer overflows.
No CAPEC attack patterns related to this CWE.