Mitsubishi Electric CC-Link IE TSN

1. EXECUTIVE SUMMARY

CVSS v4 8.2
ATTENTION: Exploitable remotely
Vendor: Mitsubishi Electric
Equipment: CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY
Vulnerability: Improper Validation of Specified Quantity in Input

Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected products.

The following versions of Mitsubishi Electric CC-Link IE TSN, a network controller, are affected:

CC-Link IE TSN Remote I/O module NZ2GN2S1-32D/32T/32TE/32DT/32DTE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN2B1-32D/32T/32TE/32DT/32DTE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GNCF1-32D/32T: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GNCE3-32D/32DT: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN12A4-16D/16DE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN12A2-16T/16TE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN12A42-16DT/16DTE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN2S1-16D/16T/16TE: Versions 09 and prior
CC-Link IE TSN Remote I/O module NZ2GN2B1-16D/16T/16TE: Versions 09 and prior
CC-Link IE TSN Analog-Digital Converter module NZ2GN2S-60AD4: Versions 07 and prior
CC-Link IE TSN Analog-Digital Converter module NZ2GN2B-60AD4: Versions 07 and prior
CC-Link IE TSN Digital-Analog Converter module NZ2GN2S-60DA4: Versions 07 and prior
CC-Link IE TSN Digital-Analog Converter module NZ2GN2B-60DA4: Versions 07 and prior
CC-Link IE TSN FPGA module NZ2GN2S-D41P01/D41D01/D41PD02: Version 01
CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-300/60: Versions 1.08J and prior