Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-4699

Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the products to factory default state and cause denial-of-service (DoS) condition on the products by sending specific packets.

CVE
Open in Source
#vulnerability#dos#js#pdf#auth

%PDF-1.7 %���� 241 0 obj <> endobj 263 0 obj <>/Encrypt 242 0 R/Filter/FlateDecode/ID[<850B1A5D5F96C6498D3C9CAA81277774><772622199E0FCC4382B22326565ED540>]/Index[241 36]/Info 240 0 R/Length 108/Prev 142582/Root 243 0 R/Size 277/Type/XRef/W[1 3 1]>>stream h�bbd```b``�"�~�H�� �� D�0����d9�|"9g�H� 0 a��`r�d�r�E��IƓ�A�zu��e ��@�C�%�`�)"�30)~0 �b endstream endobj startxref 0 %%EOF 276 0 obj <>stream ����)�#8Ak^�S7��ϧ��g%>v��u�#��x��"d;�pw�H���7&M�]�I�"��>У� ^�ͷ����d�˗��fg��’o��NU�?.��a�nhc���x��c_��[���սu]�?a�F�Ah2[z39��!x�q�~I�o�ݝ�U endstream endobj 242 0 obj <>>>/Filter/Standard/Length 256/O(�[ �__^ 9Ь�Z��RQ"7+�>�p�\r��y ¿�X��LT�%)/OE(��C�k&m�*�J\(�q-¼��YU:.`��)/P -1324/Perms(ˌ��T�P�>8-ۥNR)/R 6/StmF/StdCF/StrF/StdCF/U(E"?Ȁ ��{ƞ}e@B���M&�r��T���|n�4��"�’f�c���)/UE(6�ن�/ �`�޼�����h$�Ũr�\\)/V 5>> endobj 243 0 obj <>/Metadata 7 0 R/PageLayout/OneColumn/Pages 239 0 R/StructTreeRoot 12 0 R/Type/Catalog/ViewerPreferences<>>> endobj 244 0 obj <>/ProcSet[/PDF/Text]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 245 0 obj <>stream ��3�ǫ%U��> {v[|�@�,� �c�5���g�4�"^�ed�7ͩ�����M�ɷ �hK���p�m?��O(�1�B�}gc]�a!]�9$e’㐔k+ ?Y �c�Q�&�)Ρsn���֔�����ڈ(@��U��cs�}���ջ��R1d9��j��埢��J|��j��D���8J�0�6��W�(�o�ů�Mܙ’�͗S��A����4��4ʋ�s��Cq��z��~3�Y@�&��³s�P\�r帔��/�)�TK�a�=���T�`sg֛����������e�w�k�*�Xϴ�m�F%<+b,��h�9�m��@n��g�2+�B˼���$�=W/F��Ҥ&@l�?:�� ��#?l�~�6MY r� �>6�q~�I�T����?���虁�Ajo!T�k]d��8QU4���%��QoFo��vHJ��ޑ7��W�.�;B;������+�аkX��!-�7y��c�T�e X���ۇGr��{�1J�D�F�FK�^�ME�n|���g�L ї�qJ<���w���+��c | ��p[0NxNBskPw�TI����C�V�C�g��#��w��� �V�@��BI`���vQ��7�*��߄�DC�h�����Է ��Θ4�NU��lv�X��b/y��^o�ʪ�j&ls���al:��o~Ɲ�>��x�I!��,��24�No�>U ��|�>gn�w�jV�6����L�y���KQ>|ZC�^��<��C ������J��ed���;�N�p��@)mO�[�~z8P��e��5a� ��u� �!��}�� �y�Q��H��f,�[��*#Gs�tJS��7�@�>��Ä��� �����b���4����Nj����o���JD�Y���$**�/���`2���l�^K����� Р�^’ endstream endobj 246 0 obj <>stream :�M!�������׭��)m�ǡ��n��v��P��p�� `� �PG�L9�w�>u�3X�8F�}�l���

Related news

CVE-2023-4625: JVNVU#94620134: 三菱電機製MELSECシリーズにおける複数の脆弱性

Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this vulnerability will persist while the attacker continues to attempt unauthorized login.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE