CVE-2024-0802

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 15, 2024
CWE ID 468

Summary

CVE-2024-0802 is a newly disclosed vulnerability affecting Mitsubishi Electric Corporation's MELSEC-Q Series and MELSEC-L Series CPU modules. This issue stems from an Incorrect Pointer Scaling error, which enables a remote, unauthenticated attacker to manipulate data sent to these products. By crafting specific packets, the attacker can gain unauthorized access to sensitive information or even execute malicious code on the target product. This vulnerability poses a significant risk to industrial control systems and demands immediate attention for mitigation and patching.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share