[Control systems] Mitsubishi Electric security advisory

Number: AV20-398
Date: 30 October 2020

On 29 October 2020 ICS-CERT published ICS Advisories to highlight vulnerabilities in Mitsubishi Electric MELSEC iQ-R, Q and L Series modules. The following modules are affected:

  •  R 00/01/02 CPU - firmware versions 20 and prior
  •  R 04/08/16/32/120 (EN) CPU - firmware versions 52 and prior
  •  R 08/16/32/120 SFCPU - firmware versions 22 and prior
  •  R 08/16/32/120 PCPU - all versions
  •  R 08/16/32/120 PSFCPU - all versions
  •  R 16/32/64 MTCPU - all versions
  •  Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU - serial number 22081 and prior
  •  Q 03/04/06/13/26 UDVCPU - serial number 22031 and prior
  •  Q 04/06/13/26 UDPVCPU - serial number 22031 and prior
  •  Q 172/173 DCPU to Q 172/173 DCPU-S1 - all versions
  •  Q 172/173 DSCPU - all versions
  •  Q 170 MCPU - all versions
  •  Q 170 MSCPU to Q 170 MSCPU (-S1) - all versions
  •  MR-MQ100 - all versions
  •  L 02/06/26 CPU (-P), L 26 CPU - (P) BT - all versions
  •  EtherNet/IP Network Interface Module, RJ71EIP91 - first 2 digits of serial number are 02 or prior
  •  PROFINET IO Controller Module, RJ71PN92 - first 2 digits of serial number are 01 or prior
  •  High Speed Data Logger Module, RD81DL96 -first 2 digits of serial number are 08 or prior
  •  MES Interface Module, RD81MES96N - first 2 digits of serial number are 04 or prior
  •  OPC UA Server Module, RD81OPC96 - first 2 digits of serial number are 04 or prior

Successful exploitation of these vulnerabilities could allow a remote actor to cause a denial-of-service condition or execute an arbitrary code.

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates when available:

Mitsubishi Electric MELSEC iQ-R, Q and L Series

https://us-cert.cisa.gov/ics/advisories/icsa-20-303-01

Mitsubishi Electric MELSEC iQ-R

https://us-cert.cisa.gov/ics/advisories/icsa-20-303-02

Note to Readers

The Canadian Centre for Cyber Security (Cyber Centre) operates as part of the Communications Security Establishment.  We are Canada’s national authority on cyber security and we lead the government’s response to cyber security events. As Canada's national computer security incident response team, the Cyber Centre works in close collaboration with government departments, critical infrastructure, Canadian businesses and international partners to prepare for, respond to, mitigate, and recover from cyber events. We do this by providing authoritative advice and support, and coordinating information sharing and incident response. The Cyber Centre is outward-facing, welcoming partnerships that help build a stronger, more resilient cyber space in Canada.

Date modified: