CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW

Description

Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

References

https://jvn.jp/vu/JVNVU94650413

https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-2868 : BARRACUDA EMAIL SECURITY GATEWAY UP TO 9.2.0.006 TAR FILE COMMAND INJECTION

CVE-2023-2868 : BARRACUDA EMAIL SECURITY GATEWAY UP TO 9.2.0.006 TAR FILE COMMAND INJECTION

Description A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions

CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW

CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW

Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU

CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL

CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL

Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE