Attacker Value
Unknown
0
CVE-2023-0457
0
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2023-0457
(Last updated October 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
MITRE ATT&CK
Select the MITRE ATT&CK Tactics that apply to this CVE
Collection
Select any Techniques used:
Command and Control
Select any Techniques used:
Credential Access
Select any Techniques used:
Defense Evasion
Select any Techniques used:
Discovery
Select any Techniques used:
Execution
Select any Techniques used:
Exfiltration
Select any Techniques used:
Impact
Select any Techniques used:
Initial Access
Select any Techniques used:
Lateral Movement
Select any Techniques used:
Persistence
Select any Techniques used:
Privilege Escalation
Select any Techniques used:
Topic Tags
Select the tags that apply to this CVE (Assessment added tags are disabled and cannot be removed)
What makes this of high-value to an attacker?
What makes this of low-value to an attacker?
Description
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None
General Information
Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
MELSEC iQ-F Series FX5U-32MT/ES all versions
MELSEC iQ-F Series FX5U-64MT/ES all versions
MELSEC iQ-F Series FX5U-80MT/ES all versions
MELSEC iQ-F Series FX5U-32MR/ES all versions
MELSEC iQ-F Series FX5U-64MR/ES all versions
MELSEC iQ-F Series FX5U-80MR/ES all versions
MELSEC iQ-F Series FX5U-32MT/DS all versions
MELSEC iQ-F Series FX5U-64MT/DS all versions
MELSEC iQ-F Series FX5U-80MT/DS all versions
MELSEC iQ-F Series FX5U-32MR/DS all versions
MELSEC iQ-F Series FX5U-64MR/DS all versions
MELSEC iQ-F Series FX5U-80MR/DS all versions
MELSEC iQ-F Series FX5U-32MT/ESS all versions
MELSEC iQ-F Series FX5U-64MT/ESS all versions
MELSEC iQ-F Series FX5U-80MT/ESS all versions
MELSEC iQ-F Series FX5U-32MT/DSS all versions
MELSEC iQ-F Series FX5U-64MT/DSS all versions
MELSEC iQ-F Series FX5U-80MT/DSS all versions
MELSEC iQ-F Series FX5UC-32MT/D all versions
MELSEC iQ-F Series FX5UC-64MT/D all versions
MELSEC iQ-F Series FX5UC-96MT/D all versions
MELSEC iQ-F Series FX5UC-32MT/DSS all versions
MELSEC iQ-F Series FX5UC-64MT/DSS all versions
MELSEC iQ-F Series FX5UC-96MT/DSS all versions
MELSEC iQ-F Series FX5UC-32MT/DS-TS all versions
MELSEC iQ-F Series FX5UC-32MT/DSS-TS all versions
MELSEC iQ-F Series FX5UC-32MR/DS-TS all versions
MELSEC iQ-F Series FX5UJ-24MT/ES all versions
MELSEC iQ-F Series FX5UJ-40MT/ES all versions
MELSEC iQ-F Series FX5UJ-60MT/ES all versions
MELSEC iQ-F Series FX5UJ-24MR/ES all versions
MELSEC iQ-F Series FX5UJ-40MR/ES all versions
MELSEC iQ-F Series FX5UJ-60MR/ES all versions
MELSEC iQ-F Series FX5UJ-24MT/ESS all versions
MELSEC iQ-F Series FX5UJ-40MT/ESS all versions
MELSEC iQ-F Series FX5UJ-60MT/ESS all versions
MELSEC iQ-F Series FX5UJ-24MT/ES-A all versions
MELSEC iQ-F Series FX5UJ-40MT/ES-A all versions
MELSEC iQ-F Series FX5UJ-60MT/ES-A all versions
MELSEC iQ-F Series FX5UJ-24MR/ES-A all versions
MELSEC iQ-F Series FX5UJ-40MR/ES-A all versions
MELSEC iQ-F Series FX5UJ-60MR/ES-A all versions
MELSEC iQ-F Series FX5S-30MT/ES all versions
MELSEC iQ-F Series FX5S-40MT/ES all versions
MELSEC iQ-F Series FX5S-60MT/ES all versions
MELSEC iQ-F Series FX5S-80MT/ES all versions
MELSEC iQ-F Series FX5S-30MR/ES all versions
MELSEC iQ-F Series FX5S-40MR/ES all versions
MELSEC iQ-F Series FX5S-60MR/ES all versions
MELSEC iQ-F Series FX5S-80MR/ES all versions
MELSEC iQ-F Series FX5S-30MT/ESS all versions
MELSEC iQ-F Series FX5S-40MT/ESS all versions
MELSEC iQ-F Series FX5S-60MT/ESS all versions
MELSEC iQ-F Series FX5S-80MT/ESS all versions
MELSEC iQ-F Series FX5-ENET all versions
MELSEC iQ-F Series FX5-ENET/IP all versions
MELSEC iQ-R Series R00CPU all versions
MELSEC iQ-R Series R01CPU all versions
MELSEC iQ-R Series R02CPU all versions
MELSEC iQ-R Series R04CPU all versions
MELSEC iQ-R Series R08CPU all versions
MELSEC iQ-R Series R16CPU all versions
MELSEC iQ-R Series R32CPU all versions
MELSEC iQ-R Series R120CPU all versions
MELSEC iQ-R Series R04ENCPU all versions
MELSEC iQ-R Series R08ENCPU all versions
MELSEC iQ-R Series R16ENCPU all versions
MELSEC iQ-R Series R32ENCPU all versions
MELSEC iQ-R Series R120ENCPU all versions
MELSEC iQ-R Series R08SFCPU all versions
MELSEC iQ-R Series R16SFCPU all versions
MELSEC iQ-R Series R32SFCPU all versions
MELSEC iQ-R Series R120SFCPU all versions
MELSEC iQ-R Series R08PCPU all versions
MELSEC iQ-R Series R16PCPU all versions
MELSEC iQ-R Series R32PCPU all versions
MELSEC iQ-R Series R120PCPU all versions
MELSEC iQ-R Series R08PSFCPU all versions
MELSEC iQ-R Series R16PSFCPU all versions
MELSEC iQ-R Series R32PSFCPU all versions
MELSEC iQ-R Series R120PSFCPU all versions
MELSEC iQ-R Series RJ71EN71 all versions
MELSEC iQ-R Series R12CCPU-V all versions
MELSEC-Q Series Q03UDECPU all versions
MELSEC-Q Series Q04UDEHCPU all versions
MELSEC-Q Series Q06UDEHCPU all versions
MELSEC-Q Series Q10UDEHCPU all versions
MELSEC-Q Series Q13UDEHCPU all versions
MELSEC-Q Series Q20UDEHCPU all versions
MELSEC-Q Series Q26UDEHCPU all versions
MELSEC-Q Series Q50UDEHCPU all versions
MELSEC-Q Series Q100UDEHCPU all versions
MELSEC-Q Series Q03UDVCPU all versions
MELSEC-Q Series Q04UDVCPU all versions
MELSEC-Q Series Q06UDVCPU all versions
MELSEC-Q Series Q13UDVCPU all versions
MELSEC-Q Series Q26UDVCPU all versions
MELSEC-Q Series Q04UDPVCPU all versions
MELSEC-Q Series Q06UDPVCPU all versions
MELSEC-Q Series Q13UDPVCPU all versions
MELSEC-Q Series Q26UDPVCPU all versions
MELSEC-Q Series QJ71E71-100 all versions
MELSEC-L Series L02CPU all versions
MELSEC-L Series L06CPU all versions
MELSEC-L Series L26CPU all versions
MELSEC-L Series L02CPU-P all versions
MELSEC-L Series L06CPU-P all versions
MELSEC-L Series L26CPU-P all versions
MELSEC-L Series L26CPU-BT all versions
MELSEC-L Series L26CPU-PBT all versions
MELSEC-L Series LJ71E71-100 all versions
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown
Vendors
Products
- fx5-enet firmware -,
- fx5-enet/ip firmware -,
- fx5s-30mr/es firmware,
- fx5s-30mt/es firmware,
- fx5s-30mt/ess firmware,
- fx5s-40mr/es firmware,
- fx5s-40mt/es firmware,
- fx5s-40mt/ess firmware,
- fx5s-60mr/es firmware,
- fx5s-60mt/es firmware,
- fx5s-60mt/ess firmware,
- fx5s-80mr/es firmware,
- fx5s-80mt/es firmware,
- fx5s-80mt/ess firmware,
- fx5uc-32mr/ds-ts firmware,
- fx5uc-32mt/d firmware,
- fx5uc-32mt/ds-ts firmware,
- fx5uc-32mt/dss firmware,
- fx5uc-32mt/dss-ts firmware,
- fx5uc-64mt/d firmware,
- fx5uc-64mt/dss firmware,
- fx5uc-96mt/d firmware,
- fx5uc-96mt/dss firmware,
- fx5uj-24mr/es firmware,
- fx5uj-24mr/es-a firmware,
- fx5uj-24mt/es firmware,
- fx5uj-24mt/es-a firmware,
- fx5uj-24mt/ess firmware,
- fx5uj-40mr/es firmware,
- fx5uj-40mr/es-a firmware,
- fx5uj-40mt/es firmware,
- fx5uj-40mt/es-a firmware,
- fx5uj-40mt/ess firmware,
- fx5uj-60mr/es firmware,
- fx5uj-60mr/es-a firmware,
- fx5uj-60mt/es firmware,
- fx5uj-60mt/es-a firmware,
- fx5uj-60mt/ess firmware
References
Additional Info
Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Rapid7
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
