CVE-2024-0803

CRITICAL

Mitsubishi Electric Corporation MELSEC-Q Series & MELSEC-L Series -...

Title source: llm
STIX 2.1

Description

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

References (3)

Core 3
Core References
Third Party Advisory government-resource
https://jvn.jp/vu/JVNVU99690199/
Third Party Advisory, US Government Resource government-resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14

Scores

CVSS v3 9.8
EPSS 0.0104
EPSS Percentile 59.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-190
Status published
Products (26)
Mitsubishi Electric Corporation/MELSEC-L Series L02CPU The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L02CPU-P The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L06CPU The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L06CPU-P The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L26CPU The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L26CPU-BT The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L26CPU-P The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-L Series L26CPU-PBT The first 5 digits of serial No. "26041" and prior
Mitsubishi Electric Corporation/MELSEC-Q Series Q03UDECPU The first 5 digits of serial No. "26061" and prior
Mitsubishi Electric Corporation/MELSEC-Q Series Q03UDVCPU The first 5 digits of serial No. "26061" and prior
... and 16 more
Published Mar 15, 2024
Tracked Since Feb 18, 2026