N/A

Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

特权授予不正确

Mitsubishi Electric MELSEC iQ-R series 安全漏洞

Mitsubishi Electric MELSEC iQ-R series是日本三菱电机（Mitsubishi Electric）公司的一款可编程逻辑控制器。 Mitsubishi MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU、MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU版本存在安全漏洞，该漏洞源于允许经过身份验证的远程攻击者登录产品，通过发送特制数据包来泄露访问级别低于攻击者的用户的凭

N/A

N/A