cbcvebase.
CVE-2023-2846
published 2023-06-30

CVE-2023-2846: Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated…

PriorityP267critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
1.32%
67.3th percentile
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets.

Affected

150 ranges· showing 25
VendorProductVersion rangeFixed in
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mr_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mr_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mr_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mt_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mt_dss
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mt_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mt_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-14mt_ess
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mr_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mr_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mr_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mt_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mt_dss
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mt_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mt_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-24mt_ess
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mr_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mr_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mr_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mt_ds
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mt_dss
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mt_es
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mt_es-a
mitsubishi_electric_corporationmelsec-f_series_fx3g-40mt_ess
mitsubishi_electric_corporationmelsec-f_series_fx3g-60mr_ds

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit vector is network-based (AV:N), unauthenticated, low complexity — monitor for unexpected authentication or login activity to MELSEC-F Series PLCs over Ethernet (via FX3U-ENET-ADP or FX3U-ENET(-L) adapters)
  • Classify as Authentication Bypass by Capture-Replay (CWE-294); detection should focus on replayed or anomalous authentication packet sequences directed at MELSEC-F Series main modules
  • No known public exploits exist as of advisory publication; prioritize network-level anomaly detection and access logging on affected PLC Ethernet interfaces
  • ·All firmware versions of all listed MELSEC-F Series products are affected — there is no patched version boundary to filter on; treat all deployed units as vulnerable
  • ·Ethernet exposure is the attack surface; FX3U/FX3UC/FX3G/FX3GC/FX3GA/FX3S/FX3SA series units are only affected when paired with FX3U-ENET-ADP or FX3U-ENET(-L) adapters — confirm Ethernet adapter presence before scoping detection
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.