Mitsubishi Electric MELSEC-F Series Authentication Bypass By Capture-Replay (CVE-2023-2846)

critical Tenable OT Security Plugin ID 501598

Synopsis

The remote OT asset is affected by a vulnerability.

Description

An Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and log in to the affected products by sending specially crafted packets.

This plugin only works with Tenable.ot.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Mitsubishi Electric recommends customers take the following mitigation measures to minimize the risk of an attacker exploiting this vulnerability:

- Use a firewall or virtual private network (VPN), etc., to prevent unauthorized access when internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.
- Restrict physical access to affected products and the LAN they connect to.

For specific update instructions and additional details, see the Mitsubishi Electric advisory.


See Also

http://www.nessus.org/u?e2e9705e

https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-04

https://jvn.jp/vu/JVNVU94519952

Plugin Details

Severity: Critical

ID: 501598

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 8/7/2023

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 9.4

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N

CVSS Score Source: CVE-2023-2846

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mitsubishielectric:fx3g-14mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-14mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-24mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mr%2fes-2ad_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fes-2ad_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fess-2ad_firmware:-, cpe:/o:mitsubishielectric:fx3s-30mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3sa-10mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-10mt-cm_firmware:-, 
cpe:/o:mitsubishielectric:fx3sa-14mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-14mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-20mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-20mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-30mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3sa-30mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3u-128mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-128mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-128mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-128mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-128mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3uc-16mt%2fdss-p4_firmware:-, cpe:/o:mitsubishielectric:fx3uc-16mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3uc-32mt%2fd_firmware:-, cpe:/o:mitsubishielectric:fx3uc-32mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3uc-32mt-lt-2_firmware:-, cpe:/o:mitsubishielectric:fx3uc-32mt-lt_firmware:-, cpe:/o:mitsubishielectric:fx3uc-64mt%2fd_firmware:-, cpe:/o:mitsubishielectric:fx3uc-64mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3uc-96mt%2fd_firmware:-, cpe:/o:mitsubishielectric:fx3uc-96mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3g-40mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3g-60mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3ga-24mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3ga-24mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3ga-40mr-cm_firmware:-, cpe:/o:mitsubishielectric:fx3ga-40mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3ga-60mr-cm_firmware:-, 
cpe:/o:mitsubishielectric:fx3ga-60mt-cm_firmware:-, cpe:/o:mitsubishielectric:fx3gc-32mt%2fd_firmware:-, cpe:/o:mitsubishielectric:fx3gc-32mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3ge-24mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3ge-40mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-10mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-14mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3s-20mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-16mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mr%2fds_firmware:-, 
cpe:/o:mitsubishielectric:fx3u-32mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mr%2fua1_firmware:-, cpe:/o:mitsubishielectric:fx3u-32ms%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-32mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-48mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mr%2fua1_firmware:-, cpe:/o:mitsubishielectric:fx3u-64ms%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-64mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mr%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mr%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mt%2fds_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mt%2fes-a_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx3u-80mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx3uc-16mr%2fd-t_firmware:-, cpe:/o:mitsubishielectric:fx3uc-16mr%2fds-t_firmware:-, 
cpe:/o:mitsubishielectric:fx3uc-16mt%2fd-p4_firmware:-, cpe:/o:mitsubishielectric:fx3uc-16mt%2fd_firmware:-

Required KB Items: Tenable.ot/Mitsubishi

Exploit Ease: No known exploits are available

Patch Publication Date: 6/30/2023

Vulnerability Publication Date: 6/30/2023

Reference Information

CVE: CVE-2023-2846

CWE: 294