Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitsubishiCVELIST:CVE-2023-3346
HistoryAug 03, 2023 - 4:00 a.m.

CVE-2023-3346 Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series

2023-08-0304:00:43
CWE-120
Mitsubishi
www.cve.org
cve-2023-3346
denial of service
remote code execution
mitsubishi cnc series
input size checking
buffer overflow
unauthenticated access
specially crafted packets
system reset

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M800V Series M800VW",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2051W000 versions A8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M800V Series M800VS",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2052W000 versions A8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M80V Series M80V",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2053W000 versions A8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M80V Series M80VW",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2054W000 versions A8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M800 Series M800W",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2005W000 versions FB and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M800 Series M800S",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2006W000 versions FB and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M80 Series M80",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2007W000 versions FB and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M80 Series M80W",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2008W000 versions FB and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC E80 Series E80",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2009W000 versions FB and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC C80 Series C80",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2036W000 versions BF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M720VW",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1015W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M730VW",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1015W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M750VW",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1015W002 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M720VS",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1012W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M730VS",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1012W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M700V Series M750VS",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1012W002 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC M70V Series M70V",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1018W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC E70 Series E70",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-1022W000 versions LF and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC IoT Unit Remote Service Gateway Unit",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2041W001 versions AD and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MITSUBISHI CNC IoT Unit Data Acquisition Unit",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "System Number BND-2041W002 all versions"
      }
    ]
  }
]

Related

ics 1
prion 1
nvd 1
cve 1
ics
ics
Mitsubishi Electric CNC Series (Update E)
2024-01-30 12:00:00
prion
prion
Buffer overflow
2023-08-03 05:15:00
nvd
nvd
CVE-2023-3346
2023-08-03 05:15:10
cve
cve
CVE-2023-3346
2023-08-03 05:15:10

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON
Related for CVELIST:CVE-2023-3346
ics1prion1nvd1cve1