ID
VAR-201608-0416
TITLE
Mitsubishi FX3U PLC COTP Service Buffer Overflow Vulnerability
Trust: 0.8
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c //
CNVD: CNVD-2016-06361
DESCRIPTION
FX3U is a high-end PLC of Mitsubishi, and its transmission layer uses COTP protocol for communication. A buffer overflow vulnerability exists in the COTP protocol packets that are sent to the FX3U's Ethernet port in a cyclically restructured packet. Allowing an attacker to exploit this vulnerability results in a denial of service
Trust: 0.72
sources:
CNVD: CNVD-2016-06361 //
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c
IOT TAXONOMY
| category: | ['ICS', 'Network device'] | sub_category: | - | Trust: 0.6 |
| category: | ['ICS'] | sub_category: | - | Trust: 0.2 |
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c //
CNVD: CNVD-2016-06361
AFFECTED PRODUCTS
| vendor: | mitsubishi | model: | group fx3u plc | scope: | - | version: | - | Trust: 0.6 |
| vendor: | mitsubishi | model: | group fx3u plc | scope: | eq | version: | * | Trust: 0.2 |
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c //
CNVD: CNVD-2016-06361
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c //
CNVD: CNVD-2016-06361
TYPE
Buffer overflow
Trust: 0.2
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2016-06361 | Trust: 0.8 |
| db: | IVD | id: | BA6E4BBE-667A-4E52-84C4-1643D6B4578C | Trust: 0.2 |
sources:
IVD: ba6e4bbe-667a-4e52-84c4-1643d6b4578c //
CNVD: CNVD-2016-06361
SOURCES
| db: | IVD | id: | ba6e4bbe-667a-4e52-84c4-1643d6b4578c |
| db: | CNVD | id: | CNVD-2016-06361 |
LAST UPDATE DATE
2022-05-17T01:57:42.835000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-06361 | date: | 2016-08-16T00:00:00 |
SOURCES RELEASE DATE
| db: | IVD | id: | ba6e4bbe-667a-4e52-84c4-1643d6b4578c | date: | 2016-08-16T00:00:00 |
| db: | CNVD | id: | CNVD-2016-06361 | date: | 2016-09-26T00:00:00 |