Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.9
CVSSv3

CVE-2023-1285

Published: 14/04/2023 Updated: 24/04/2023
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 0

Vulnerability Summary

Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition in Ethernet communication by sending a large number of specially crafted packets to any UDP port when GC-ENET-COM is configured as a Modbus TCP Server. The communication resumes only when the power of the main unit is turned off and on or when the GC-ENET-COM is hot-swapped from the main unit.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mitsubishielectric gc-enet-com_firmware -

References

CWE-362https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-15https://mitsubishielectric.in/fa/cnc-pdf/DoS_in_Ethernet_Communication_Extension_Unit_GC_ENET_COM_of_GOC35_Series.pdfhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook