CVE-2023-4562
published 2023-10-13

CVE-2023-4562: Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain…

Priority: P2 62
CVSS 3.1: 9.1 (critical), AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.85% (53.6th percentile)
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages.

Affected

153 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mr_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mr_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mr_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mt_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mt_dss | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mt_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mt_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-14mt_ess | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mr_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mr_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mr_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mt_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mt_dss | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mt_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mt_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-24mt_ess | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mr_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mr_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mr_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mt_ds | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mt_dss | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mt_es | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mt_es-a | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-40mt_ess | | |
| mitsubishi_electric_corporation | melsec-f_series_fx3g-60mr_ds | | |

Detection & IOCs (extracted from sources)

  • Exploit vector is unauthenticated remote network access (AV:N/AC:L/PR:N/UI:N) targeting MELSEC-F Series main modules via illegitimate messages — monitor for unexpected connections to MELSEC-F PLCs, especially read/write sequence program commands from untrusted hosts
  • Exploitation requires the affected PLC to be paired with Ethernet adapter FX3U-ENET-ADP or Ethernet block FX3U-ENET(-L); detection scope should focus on devices with these Ethernet interfaces exposed
  • Attack complexity is Low with no privileges or user interaction required (CVSS 9.1); any unauthenticated host reaching the PLC over the network is a potential attacker — alert on any new or unexpected source IPs communicating with MELSEC-F ethernet modules
  • Some affected products are sold only in limited regions; global detection deployments should verify regional applicability of asset scope
  • No known public exploitation has been reported as of the advisory date; detection posture should be preventive/monitoring rather than reactive to active campaigns