The NCCIC has published an advisory on resource exhaustion vulnerability in Mitsubishi Electric MELSEC-Q Series PLCs. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets to the device, causing Ethernet communication to stop. Mitsubishi Electric has produced a new version of the firmware. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the advisory at NCCIC/ICS-CERT.
Early bird registration for H2OSecCon 2024 is now open! - REGISTER HERE