icsa-21-049-02
Vulnerability from csaf_cisa
Published
2021-02-18 07:00
Modified
2025-06-05 06:00
Summary
Mitsubishi Electric FA Engineering Software Products (Update H)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may cause a denial-of-service condition.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{
"document": {
"acknowledgments": [
{
"names": [
"dliangfun"
],
"summary": "reporting these vulnerabilities to Mitsubishi Electric"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may cause a denial-of-service condition. ",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-049-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-049-02.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-21-049-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-049-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Mitsubishi Electric FA Engineering Software Products (Update H)",
"tracking": {
"current_release_date": "2025-06-05T06:00:00.000000Z",
"generator": {
"date": "2025-06-05T17:14:52.588733Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-049-02",
"initial_release_date": "2021-02-18T07:00:00.000000Z",
"revision_history": [
{
"date": "2021-02-18T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2021-05-27T06:00:00.000000Z",
"legacy_version": "Update A",
"number": "2",
"summary": "Update A - Added affected products."
},
{
"date": "2021-07-27T06:00:00.000000Z",
"legacy_version": "Update B",
"number": "3",
"summary": "Update B - Added fixed product."
},
{
"date": "2021-11-16T07:00:00.000000Z",
"legacy_version": "Update C",
"number": "4",
"summary": "Update C - Added fixed products."
},
{
"date": "2022-02-08T07:00:00.000000Z",
"legacy_version": "Update D",
"number": "5",
"summary": "Update D - Added fixed products."
},
{
"date": "2022-05-24T06:00:00.000000Z",
"legacy_version": "Update E",
"number": "6",
"summary": "Update E - Added fixed products."
},
{
"date": "2022-07-28T06:00:00.000000Z",
"legacy_version": "Update F",
"number": "7",
"summary": "Update F - Added fixed products."
},
{
"date": "2022-11-17T07:00:00.000000Z",
"legacy_version": "Update G",
"number": "8",
"summary": "Update G - Added fixed product."
},
{
"date": "2025-06-05T06:00:00.000000Z",
"legacy_version": "Update H",
"number": "9",
"summary": "Update H - Added updated products and countermeasures."
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.112R",
"product": {
"name": "Mitsubishi Electric CPU Module Logging Configuration Tool: \u003c=1.112R",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "CPU Module Logging Configuration Tool"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.011M",
"product": {
"name": "Mitsubishi Electric CW Configurator: \u003c=1.011M",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "CW Configurator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=3.44W",
"product": {
"name": "Mitsubishi Electric Data Transfer: \u003c=3.44W",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Data Transfer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=5.4",
"product": {
"name": "Mitsubishi Electric EZSocket: \u003c=5.4",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "EZSocket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric FR Configurator: vers:all/*",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "FR Configurator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric FR Configurator SW3: vers:all/*",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "FR Configurator SW3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.24A",
"product": {
"name": "Mitsubishi Electric FR Configurator2: \u003c=1.24A",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "FR Configurator2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.250L",
"product": {
"name": "Mitsubishi Electric GT Designer3 Version1(GOT1000): \u003c=1.250L",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "GT Designer3 Version1(GOT1000)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.250L",
"product": {
"name": "Mitsubishi Electric GT Designer3 Version1(GOT2000): \u003c=1.250L",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "GT Designer3 Version1(GOT2000)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=3.245F",
"product": {
"name": "Mitsubishi Electric GT SoftGOT1000 Version3: \u003c=3.245F",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "GT SoftGOT1000 Version3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.250L",
"product": {
"name": "Mitsubishi Electric GT SoftGOT2000 Version1: \u003c=1.250L",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "GT SoftGOT2000 Version1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.14Q",
"product": {
"name": "Mitsubishi Electric GX Configurator-DP: \u003c=7.14Q",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "GX Configurator-DP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric GX Configurator-QP: vers:all/*",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "GX Configurator-QP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=8.506C",
"product": {
"name": "Mitsubishi Electric GX Developer: \u003c=8.506C",
"product_id": "CSAFPID-0014"
}
}
],
"category": "product_name",
"name": "GX Developer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric GX Explorer: vers:all/*",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "GX Explorer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric GX IEC Developer: vers:all/*",
"product_id": "CSAFPID-0016"
}
}
],
"category": "product_name",
"name": "GX IEC Developer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.115U",
"product": {
"name": "Mitsubishi Electric GX LogViewer: \u003c=1.115U",
"product_id": "CSAFPID-0017"
}
}
],
"category": "product_name",
"name": "GX LogViewer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric GX RemoteService-I: vers:all/*",
"product_id": "CSAFPID-0018"
}
}
],
"category": "product_name",
"name": "GX RemoteService-I"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.597X",
"product": {
"name": "Mitsubishi Electric GX Works2: \u003c=1.597X",
"product_id": "CSAFPID-0019"
}
}
],
"category": "product_name",
"name": "GX Works2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.070Y",
"product": {
"name": "Mitsubishi Electric GX Works3: \u003c=1.070Y",
"product_id": "CSAFPID-0020"
}
}
],
"category": "product_name",
"name": "GX Works3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.003D",
"product": {
"name": "Mitsubishi Electric iQ Monozukuri ANDON (Data Transfer): \u003c=1.003D",
"product_id": "CSAFPID-0021"
}
}
],
"category": "product_name",
"name": "iQ Monozukuri ANDON (Data Transfer)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.002C",
"product": {
"name": "Mitsubishi Electric iQ Monozukuri Process Remote Monitoring (Data Transfer): \u003c=1.002C",
"product_id": "CSAFPID-0022"
}
}
],
"category": "product_name",
"name": "iQ Monozukuri Process Remote Monitoring (Data Transfer)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric M_CommDTM-HART: vers:all/*",
"product_id": "CSAFPID-0023"
}
}
],
"category": "product_name",
"name": "M_CommDTM-HART"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.03D",
"product": {
"name": "Mitsubishi Electric M_CommDTM-IO-Link: \u003c=1.03D",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "M_CommDTM-IO-Link"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=4.4",
"product": {
"name": "Mitsubishi Electric MELFA-Works: \u003c=4.4",
"product_id": "CSAFPID-0025"
}
}
],
"category": "product_name",
"name": "MELFA-Works"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric MELSEC WinCPU Setting Utility: vers:all/*",
"product_id": "CSAFPID-0026"
}
}
],
"category": "product_name",
"name": "MELSEC WinCPU Setting Utility"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.015R",
"product": {
"name": "Mitsubishi Electric MELSOFT EM Software Development Kit (EM Configurator): \u003c=1.015R",
"product_id": "CSAFPID-0027"
}
}
],
"category": "product_name",
"name": "MELSOFT EM Software Development Kit (EM Configurator)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.74C",
"product": {
"name": "Mitsubishi Electric MELSOFT Navigator: \u003c=2.74C",
"product_id": "CSAFPID-0028"
}
}
],
"category": "product_name",
"name": "MELSOFT Navigator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.004E",
"product": {
"name": "Mitsubishi Electric MH11 SettingTool Version2: \u003c=2.004E",
"product_id": "CSAFPID-0029"
}
}
],
"category": "product_name",
"name": "MH11 SettingTool Version2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.004E",
"product": {
"name": "Mitsubishi Electric MI Configurator: \u003c=1.004E",
"product_id": "CSAFPID-0030"
}
}
],
"category": "product_name",
"name": "MI Configurator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.167Z",
"product": {
"name": "Mitsubishi Electric MT Works2: \u003c=1.167Z",
"product_id": "CSAFPID-0031"
}
}
],
"category": "product_name",
"name": "MT Works2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=5.001B",
"product": {
"name": "Mitsubishi Electric MX Component: \u003c=5.001B",
"product_id": "CSAFPID-0032"
}
}
],
"category": "product_name",
"name": "MX Component"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.29F",
"product": {
"name": "Mitsubishi Electric Network Interface Board CC IE Control utility: \u003c=1.29F",
"product_id": "CSAFPID-0033"
}
}
],
"category": "product_name",
"name": "Network Interface Board CC IE Control utility"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.16S",
"product": {
"name": "Mitsubishi Electric Network Interface Board CC IE Field Utility: \u003c=1.16S",
"product_id": "CSAFPID-0034"
}
}
],
"category": "product_name",
"name": "Network Interface Board CC IE Field Utility"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.23Z",
"product": {
"name": "Mitsubishi Electric Network Interface Board CC-Link Ver.2 Utility: \u003c=1.23Z",
"product_id": "CSAFPID-0035"
}
}
],
"category": "product_name",
"name": "Network Interface Board CC-Link Ver.2 Utility"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=34L",
"product": {
"name": "Mitsubishi Electric Network Interface Board MNETH utility: \u003c=34L",
"product_id": "CSAFPID-0036"
}
}
],
"category": "product_name",
"name": "Network Interface Board MNETH utility"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.53F",
"product": {
"name": "Mitsubishi Electric PX Developer: \u003c=1.53F",
"product_id": "CSAFPID-0037"
}
}
],
"category": "product_name",
"name": "PX Developer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=3.73B",
"product": {
"name": "Mitsubishi Electric RT ToolBox2: \u003c=3.73B",
"product_id": "CSAFPID-0038"
}
}
],
"category": "product_name",
"name": "RT ToolBox2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.82L",
"product": {
"name": "Mitsubishi Electric RT ToolBox3: \u003c=1.82L",
"product_id": "CSAFPID-0039"
}
}
],
"category": "product_name",
"name": "RT ToolBox3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=4.12N",
"product": {
"name": "Mitsubishi Electric Setting/monitoring tools for the C Controller module (SW4PVC-CCPU): \u003c=4.12N",
"product_id": "CSAFPID-0040"
}
}
],
"category": "product_name",
"name": "Setting/monitoring tools for the C Controller module (SW4PVC-CCPU)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.04E",
"product": {
"name": "Mitsubishi Electric SLMP Data Collector: \u003c=1.04E",
"product_id": "CSAFPID-0041"
}
}
],
"category": "product_name",
"name": "SLMP Data Collector"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-20587",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20587"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Mitsubishi Electric has released updated versions for the following products to address these vulnerabilities. Please download and install the update from the Mitsubishi Electric download site.:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
],
"url": "https://www.mitsubishielectric.com/fa/download/index.html"
},
{
"category": "vendor_fix",
"details": "CPU Module Logging Configuration Tool: Version 1.118X or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "CW Configurator: Version 1.012N or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Data Transfer: Version 3.45X or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "EZSocket: Version 5.5 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator2: Version 1.25B or later",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "GT Designer3 Version1(GOT1000): Version 1.255R or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "GT Designer3 Version1(GOT2000): Version 1.255R or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "GT SoftGOT1000 Version3: Version 3.255R or later",
"product_ids": [
"CSAFPID-0010"
]
},
{
"category": "vendor_fix",
"details": "GT SoftGOT2000 Version1: Version 1.255R or later",
"product_ids": [
"CSAFPID-0011"
]
},
{
"category": "vendor_fix",
"details": "GX Configurator-DP: Version 7.15R or later",
"product_ids": [
"CSAFPID-0012"
]
},
{
"category": "vendor_fix",
"details": "GX Developer: Version 8.507D or later",
"product_ids": [
"CSAFPID-0014"
]
},
{
"category": "vendor_fix",
"details": "GX LogViewer: Version 1.118X or later",
"product_ids": [
"CSAFPID-0017"
]
},
{
"category": "vendor_fix",
"details": "GX Works2: Version 1.600A or later",
"product_ids": [
"CSAFPID-0019"
]
},
{
"category": "vendor_fix",
"details": "GX Works3: Version 1.072A or later",
"product_ids": [
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "iQ Monozukuri ANDON (Data Transfer): Version 1.004E or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "iQ Monozukuri Process Remote Monitoring (Data Transfer): Version 1.005F or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "M_CommDTM-IO-Link: Version 1.04E or later",
"product_ids": [
"CSAFPID-0024"
]
},
{
"category": "vendor_fix",
"details": "MELFA-Works: Version 4.5 or later",
"product_ids": [
"CSAFPID-0025"
]
},
{
"category": "mitigation",
"details": "MELSOFT EM Software Development Kit (EM Configurator): Version 1.020W or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "MELSOFT Navigator: Version 2.78G or later",
"product_ids": [
"CSAFPID-0028"
]
},
{
"category": "vendor_fix",
"details": "MH11 SettingTool Version2: Version 2.005F or later",
"product_ids": [
"CSAFPID-0029"
]
},
{
"category": "vendor_fix",
"details": "MI Configurator: Version 1.005F or later",
"product_ids": [
"CSAFPID-0030"
]
},
{
"category": "vendor_fix",
"details": "MT Works2: Version 1.170C or later",
"product_ids": [
"CSAFPID-0031"
]
},
{
"category": "vendor_fix",
"details": "MX Component: Version 5.002C or later",
"product_ids": [
"CSAFPID-0032"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC IE Control utility: Version 1.30G or later",
"product_ids": [
"CSAFPID-0033"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC IE Field Utility: Version 1.17T or later",
"product_ids": [
"CSAFPID-0034"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC-Link Ver.2 Utility: Version 1.24A or later",
"product_ids": [
"CSAFPID-0035"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board MNETH utility: Version 35M or later",
"product_ids": [
"CSAFPID-0036"
]
},
{
"category": "vendor_fix",
"details": "PX Developer: Version 1.54G or later",
"product_ids": [
"CSAFPID-0037"
]
},
{
"category": "vendor_fix",
"details": "RT ToolBox2: Version 3.74C or later",
"product_ids": [
"CSAFPID-0038"
]
},
{
"category": "vendor_fix",
"details": "RT ToolBox3: Version 1.90U or later",
"product_ids": [
"CSAFPID-0039"
]
},
{
"category": "mitigation",
"details": "Setting/monitoring tools for the C Controller module (SW4PVC-CCPU): Version 4.13P or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "SLMP Data Collector: Version 1.05F or later",
"product_ids": [
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Mitsubishi Electric has no plans to release fixed versions for the following products:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator",
"product_ids": [
"CSAFPID-0005"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator SW3",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "GX Configurator-QP",
"product_ids": [
"CSAFPID-0013"
]
},
{
"category": "vendor_fix",
"details": "GX Explorer",
"product_ids": [
"CSAFPID-0015"
]
},
{
"category": "vendor_fix",
"details": "GX IEC Developer",
"product_ids": [
"CSAFPID-0016"
]
},
{
"category": "vendor_fix",
"details": "GX RemoteService-I",
"product_ids": [
"CSAFPID-0018"
]
},
{
"category": "vendor_fix",
"details": "M_CommDTM-HART",
"product_ids": [
"CSAFPID-0023"
]
},
{
"category": "vendor_fix",
"details": "MELSEC WinCPU Setting Utility",
"product_ids": [
"CSAFPID-0026"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends taking the following mitigations to minimize the risk of exploiting these vulnerabilities:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "Install the fixed version of GX Works3 on your personal computer running the products when communicating with MELSEC. GX Works3 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "Install the fixed version of FR Configurator2 on your personal computer running the products when communicating with FREQROL. FR Configurator2 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Install the fixed version of GT Designer3 on your personal computer running the products when communicating with GOT. GT Designer3 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Operate the products under an account that does not have administrator privileges.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Install antivirus software on personal computers running the products.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Restrict network exposure for all control system devices or systems to the minimum necessary, and ensure that they are not accessible from untrusted networks and hosts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Locate control system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) when remote access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Refer to Mitsubishi Electric advisory 2020-021 for more information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-021_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
}
]
},
{
"cve": "CVE-2021-20588",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "A malicious attacker may cause a denial-of-service condition by spoofing MELSEC, GOT, or FREQROL, and returning crafted reply packets. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20588"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Mitsubishi Electric has released updated versions for the following products to address these vulnerabilities. Please download and install the update from the Mitsubishi Electric download site.:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
],
"url": "https://www.mitsubishielectric.com/fa/download/index.html"
},
{
"category": "vendor_fix",
"details": "CPU Module Logging Configuration Tool: Version 1.118X or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "CW Configurator: Version 1.012N or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Data Transfer: Version 3.45X or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "EZSocket: Version 5.5 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator2: Version 1.25B or later",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "GT Designer3 Version1(GOT1000): Version 1.255R or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "GT Designer3 Version1(GOT2000): Version 1.255R or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "GT SoftGOT1000 Version3: Version 3.255R or later",
"product_ids": [
"CSAFPID-0010"
]
},
{
"category": "vendor_fix",
"details": "GT SoftGOT2000 Version1: Version 1.255R or later",
"product_ids": [
"CSAFPID-0011"
]
},
{
"category": "vendor_fix",
"details": "GX Configurator-DP: Version 7.15R or later",
"product_ids": [
"CSAFPID-0012"
]
},
{
"category": "vendor_fix",
"details": "GX Developer: Version 8.507D or later",
"product_ids": [
"CSAFPID-0014"
]
},
{
"category": "vendor_fix",
"details": "GX LogViewer: Version 1.118X or later",
"product_ids": [
"CSAFPID-0017"
]
},
{
"category": "vendor_fix",
"details": "GX Works2: Version 1.600A or later",
"product_ids": [
"CSAFPID-0019"
]
},
{
"category": "vendor_fix",
"details": "GX Works3: Version 1.072A or later",
"product_ids": [
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "iQ Monozukuri ANDON (Data Transfer): Version 1.004E or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "iQ Monozukuri Process Remote Monitoring (Data Transfer): Version 1.005F or later",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "M_CommDTM-IO-Link: Version 1.04E or later",
"product_ids": [
"CSAFPID-0024"
]
},
{
"category": "vendor_fix",
"details": "MELFA-Works: Version 4.5 or later",
"product_ids": [
"CSAFPID-0025"
]
},
{
"category": "mitigation",
"details": "MELSOFT EM Software Development Kit (EM Configurator): Version 1.020W or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "MELSOFT Navigator: Version 2.78G or later",
"product_ids": [
"CSAFPID-0028"
]
},
{
"category": "vendor_fix",
"details": "MH11 SettingTool Version2: Version 2.005F or later",
"product_ids": [
"CSAFPID-0029"
]
},
{
"category": "vendor_fix",
"details": "MI Configurator: Version 1.005F or later",
"product_ids": [
"CSAFPID-0030"
]
},
{
"category": "vendor_fix",
"details": "MT Works2: Version 1.170C or later",
"product_ids": [
"CSAFPID-0031"
]
},
{
"category": "vendor_fix",
"details": "MX Component: Version 5.002C or later",
"product_ids": [
"CSAFPID-0032"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC IE Control utility: Version 1.30G or later",
"product_ids": [
"CSAFPID-0033"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC IE Field Utility: Version 1.17T or later",
"product_ids": [
"CSAFPID-0034"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board CC-Link Ver.2 Utility: Version 1.24A or later",
"product_ids": [
"CSAFPID-0035"
]
},
{
"category": "vendor_fix",
"details": "Network Interface Board MNETH utility: Version 35M or later",
"product_ids": [
"CSAFPID-0036"
]
},
{
"category": "vendor_fix",
"details": "PX Developer: Version 1.54G or later",
"product_ids": [
"CSAFPID-0037"
]
},
{
"category": "vendor_fix",
"details": "RT ToolBox2: Version 3.74C or later",
"product_ids": [
"CSAFPID-0038"
]
},
{
"category": "vendor_fix",
"details": "RT ToolBox3: Version 1.90U or later",
"product_ids": [
"CSAFPID-0039"
]
},
{
"category": "mitigation",
"details": "Setting/monitoring tools for the C Controller module (SW4PVC-CCPU): Version 4.13P or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "SLMP Data Collector: Version 1.05F or later",
"product_ids": [
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Mitsubishi Electric has no plans to release fixed versions for the following products:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator",
"product_ids": [
"CSAFPID-0005"
]
},
{
"category": "vendor_fix",
"details": "FR Configurator SW3",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "GX Configurator-QP",
"product_ids": [
"CSAFPID-0013"
]
},
{
"category": "vendor_fix",
"details": "GX Explorer",
"product_ids": [
"CSAFPID-0015"
]
},
{
"category": "vendor_fix",
"details": "GX IEC Developer",
"product_ids": [
"CSAFPID-0016"
]
},
{
"category": "vendor_fix",
"details": "GX RemoteService-I",
"product_ids": [
"CSAFPID-0018"
]
},
{
"category": "vendor_fix",
"details": "M_CommDTM-HART",
"product_ids": [
"CSAFPID-0023"
]
},
{
"category": "vendor_fix",
"details": "MELSEC WinCPU Setting Utility",
"product_ids": [
"CSAFPID-0026"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends taking the following mitigations to minimize the risk of exploiting these vulnerabilities:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "Install the fixed version of GX Works3 on your personal computer running the products when communicating with MELSEC. GX Works3 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "Install the fixed version of FR Configurator2 on your personal computer running the products when communicating with FREQROL. FR Configurator2 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Install the fixed version of GT Designer3 on your personal computer running the products when communicating with GOT. GT Designer3 provides comprehensive countermeasures that provide the same level of protection to other products.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Operate the products under an account that does not have administrator privileges.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Install antivirus software on personal computers running the products.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Restrict network exposure for all control system devices or systems to the minimum necessary, and ensure that they are not accessible from untrusted networks and hosts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Locate control system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) when remote access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "mitigation",
"details": "Refer to Mitsubishi Electric advisory 2020-021 for more information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-021_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…