CVE-2022-40267
CVSS V2 None
CVSS V3 None
Description
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers.
Overview
- CVE ID
- CVE-2022-40267
- Assigner
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
- Vulnerability Status
- Modified
- Published Version
- 2023-01-20T08:15:11
- Last Modified Date
- 2023-04-18T04:15:09
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5u-80mt\/ess_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5u-80mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5u-32mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5u-32mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5u-64mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5u-64mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5u-80mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5u-80mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/d_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-32mt\/d:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-64mt\/d_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-64mt\/d:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-96mt\/d_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-96mt\/d:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-32mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-64mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-64mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-96mt\/dss_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:fx5uc-96mt\/dss:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/ds-ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.280 | |
| cpe:2.3:h:mitsubishielectric:fx5uc-32mt\/ds-ts:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/dss-ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.280 | |
| cpe:2.3:h:mitsubishielectric:fx5uc-32mt\/dss-ts:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uc-32mr\/ds-ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.280 | |
| cpe:2.3:h:mitsubishielectric:fx5uc-32mr\/ds-ts:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r00cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r01cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r02cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r04cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r08cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r16cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r32cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r120cpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-24mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-40mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-60mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-24mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-24mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-40mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-40mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-60mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-60mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-24mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-40mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.042 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-60mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-24mt\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-40mt\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-60mt\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-24mr\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-24mr\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-40mr\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-40mr\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5uj-60mr\/es-a_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.043 | |
| cpe:2.3:h:mitsubishielectric:fx5uj-60mr\/es-a:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-30mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-30mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-40mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-40mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-60mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-60mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-80mt\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-80mt\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-30mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-30mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-40mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-40mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-60mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-60mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-80mr\/es_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-80mr\/es:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-30mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-30mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-40mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-40mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-60mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-60mt\/ess:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:mitsubishielectric:fx5s-80mt\/ess_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.003 | |
| cpe:2.3:h:mitsubishielectric:fx5s-80mt\/ess:-:*:*:*:*:*:*:* | 0 | OR |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-40267 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40267 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-01-20 09:14:38 | Added to TrackCVE | |||
| 2023-01-20 09:14:39 | Weakness Enumeration | new | ||
| 2023-01-20 15:15:00 | 2023-01-20T13:54:58 | CVE Modified Date | updated | |
| 2023-01-20 15:15:00 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2023-01-27 11:17:00 | 2023-01-27T10:15:14 | CVE Modified Date | updated | |
| 2023-01-27 11:17:02 | Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU all versions allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. | Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU all versions allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. | Description | updated |
| 2023-01-27 16:15:43 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2023-01-30 21:13:45 | 2023-01-30T18:42:24 | CVE Modified Date | updated | |
| 2023-01-30 21:13:45 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-01-30 21:13:48 | Weakness Enumeration | update | ||
| 2023-01-30 21:13:52 | CPE Information | updated | ||
| 2023-04-18 06:01:38 | 2023-04-18T04:15:09 | CVE Modified Date | updated | |
| 2023-04-18 06:01:38 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-04-18 06:01:39 | Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU all versions allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. | Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. | Description | updated |