Vulnerability in Mitsubishi Electric Conveyor Tracking Application
CVE-2020-16226
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
EPSS: 0.005 (65.3th percentile) — read the EPSS interpretation.
Affected products
- Mitsubishi Electric Conveyor Tracking Application — versions APR-nTR3FH all versions, APR-nTR6FH all versions, APR-nTR12FH all versions
- Mitsubishi Electric D55up12-v — versions all versions
- Mitsubishi Electric Fr-a800-e Series — versions all versions
- Mitsubishi Electric Fr-a8ncg — versions Production date August 2020 and prior
- Mitsubishi Electric Fr-e800-epa Series — versions Production date July 2020 and prior
- Mitsubishi Electric Fr-e800-epb Series — versions Production date July 2020 and prior
- Mitsubishi Electric Fr-f800-e Series — versions all versions
- Mitsubishi Electric Fx3ge-**m*/** — versions all versions
- Mitsubishi Electric Fx3u-enet — versions all versions
- Mitsubishi Electric Fx3u-enet-adp — versions all versions
Weakness classification (CWE)
References
- us-cert.cisa.gov/ics/advisories/icsa-20-245-01 (x_refsource_MISC)