CVE-2020-16226

Published: Oct 5, 2020

Modified: Sep 17, 2024

PUBLISHED

Description

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

Vendor	Product	Versions
Mitsubishi Electric	QJ71MES96	affected `all versions`
Mitsubishi Electric	QJ71WS96	affected `all versions`
Mitsubishi Electric	Q06CCPU-V	affected `all versions`
Mitsubishi Electric	Q24DHCCPU-V	affected `all versions`
Mitsubishi Electric	Q24DHCCPU-VG	affected `all versions`
Mitsubishi Electric	R12CCPU-V	affected `all versions`
Mitsubishi Electric	RD55UP06-V,	affected `all versions`
Mitsubishi Electric	D55UP12-V	affected `all versions`
Mitsubishi Electric	RJ71GN11-T2	affected `all versions`
Mitsubishi Electric	RJ71EN71	affected `all versions`
Mitsubishi Electric	QJ71E71-100	affected `all versions`
Mitsubishi Electric	LJ71E71-100	affected `all versions`
Mitsubishi Electric	QJ71MT91	affected `all versions`
Mitsubishi Electric	RD78Gn(n=4,8,16,32,64)	affected `all versions`
Mitsubishi Electric	RD78GHV	affected `all versions`
Mitsubishi Electric	RD78GHW	affected `all versions`
Mitsubishi Electric	NZ2GACP620-60	affected `all versions`
Mitsubishi Electric	NZ2GACP620-300	affected `all versions`
Mitsubishi Electric	NZ2FT-MT	affected `all versions`
Mitsubishi Electric	NZ2FT-EIP	affected `all versions`
Mitsubishi Electric	Q03UDECPU	affected `the first 5 digits of serial number 22081 and prior`
Mitsubishi Electric	QnUDEHCPU(n=04/06/10/13/20/26/50/100)	affected `the first 5 digits of serial number 22081 and prior`
Mitsubishi Electric	QnUDVCPU(n=03/04/06/13/26)	affected `the first 5 digits of serial number 22031 and prior`
Mitsubishi Electric	QnUDPVCPU(n=04/06/13/2)	affected `the first 5 digits of serial number 22031 and prior`
Mitsubishi Electric	LnCPU(-P)(n=02/06/26)	affected `the first 5 digits of serial number 22051 and prior`
Mitsubishi Electric	L26CPU-(P)BT	affected `the first 5 digits of serial number 22051 and prior`
Mitsubishi Electric	RnCPU(n=00/01/02)	affected `unspecified - < Version 18 and prior`
Mitsubishi Electric	RnCPU(n=04/08/16/32/120)	affected `unspecified - < Version 50 and prior`
Mitsubishi Electric	RnENCPU(n=04/08/16/32/120)	affected `unspecified - < Version 50 and prior`
Mitsubishi Electric	RnSFCPU (n=08/16/32/120)	affected `all versions`
Mitsubishi Electric	RnPCPU(n=08/16/32/120)	affected `all versions`
Mitsubishi Electric	RnPSFCPU(n=08/16/32/120)	affected `all versions`
Mitsubishi Electric	FX5U(C)-*M/**	affected `unspecified - < Serial number 17X** or later: Version 1.210 and prior` affected `unspecified - < Serial number 179** and prior: Version 1.070 and prior`
Mitsubishi Electric	FX5UC-32M/*-TS	affected `unspecified - < Version 1.210 and prior`
Mitsubishi Electric	FX5UJ-*M/**	affected `Version 1.000`
Mitsubishi Electric	FX5-ENET	affected `all versions`
Mitsubishi Electric	FX5-ENET/IP	affected `all versions`
Mitsubishi Electric	FX3U-ENET-ADP	affected `all versions`
Mitsubishi Electric	FX3GE-*M/**	affected `all versions`
Mitsubishi Electric	FX3U-ENET	affected `all versions`
Mitsubishi Electric	FX3U-ENET-L	affected `all versions`
Mitsubishi Electric	FX3U-ENET-P502	affected `all versions`
Mitsubishi Electric	FX5-CCLGN-MS	affected `all versions`
Mitsubishi Electric	IU1-1M20-D	affected `all versions`
Mitsubishi Electric	LE7-40GU-L	affected `all versions`
Mitsubishi Electric	GOT2000 Series GT21 Model	affected `all versions`
Mitsubishi Electric	GS Series	affected `all versions`
Mitsubishi Electric	GOT1000 Series GT14 Model	affected `all versions`
Mitsubishi Electric	GT25-J71GN13-T2	affected `all versions`
Mitsubishi Electric	FR-A800-E Series	affected `all versions`
Mitsubishi Electric	FR-F800-E Series	affected `all versions`
Mitsubishi Electric	FR-A8NCG	affected `Production date August 2020 and prior`
Mitsubishi Electric	FR-E800-EPA Series	affected `Production date July 2020 and prior`
Mitsubishi Electric	FR-E800-EPB Series	affected `Production date July 2020 and prior`
Mitsubishi Electric	Conveyor Tracking Application	affected `APR-nTR3FH all versions` affected `APR-nTR6FH all versions` affected `APR-nTR12FH all versions` affected `APR-nTR20FH(n=1,2) all versions`
Mitsubishi Electric	MR-JE-C	affected `all versions`
Mitsubishi Electric	MR-J4-TM	affected `all versions`

Weaknesses (CWE)

CWE-342

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-16226

Description

Affected Products

Weaknesses (CWE)

References