Vulnerability Details CVE-2016-8368
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.7%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 5.0
References
Products affected by CVE-2016-8368
-
cpe:2.3:h:mitsubishielectric:qj71e71-100:-
-
cpe:2.3:h:mitsubishielectric:qj71e71-b2:-
-
cpe:2.3:h:mitsubishielectric:qj71e71-b5:-
-
cpe:2.3:o:mitsubishielectric:qj71e71-100_firmware:-
-
cpe:2.3:o:mitsubishielectric:qj71e71-b2_firmware:-
-
cpe:2.3:o:mitsubishielectric:qj71e71-b5_firmware:-