You are here

Mitsubishi Electric MELSEC-Q Series Ethernet Module (ICSA-19-141-02)

Mitsubishi Electric MELSEC-Q Series Ethernet Module (ICSA-19-141-02)

Created: Tuesday, May 21, 2019 - 16:01
Categories:
Cybersecurity

The NCCIC has published an advisory on an uncontrolled resource consumption vulnerability in Mitsubishi Electric MELSEC-Q Series Ethernet Module. MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior are affected. Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC. Mitsubishi Electric has released new firmware Version 20122 for the QJ71E71-100 Ethernet module to mitigate the reported vulnerability. The NCCIC has also provided a series of measures to address this vulnerability. Read the advisory at NCCIC/ICS-CERT.