{ "document": { "acknowledgments": [ { "organization": "Mitsubishi Electric", "summary": "reported this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).", "title": "Legal Notice and Terms of Use" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to cause a denial-of-service condition on the affected device. ", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Japan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "For additional information see Mitsubishi Electric advisory", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability has a high attack complexity.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-24-291-03 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-291-03.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-24-291-03 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-03" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-007_en.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks" } ], "title": "Mitsubishi Electric CNC Series (Update C)", "tracking": { "current_release_date": "2025-12-18T07:00:00.000000Z", "generator": { "date": "2025-12-17T22:28:52.389021Z", "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-24-291-03", "initial_release_date": "2024-10-17T06:00:00.000000Z", "revision_history": [ { "date": "2024-10-17T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" }, { "date": "2025-02-20T07:00:00.000000Z", "legacy_version": "Update A", "number": "2", "summary": "Update A - Updates to product list, mitigations, added CVSS v4 score." }, { "date": "2025-03-18T06:00:00.000000Z", "legacy_version": "Update B", "number": "3", "summary": "Update B - Updates to product list and mitigations." }, { "date": "2025-12-18T07:00:00.000000Z", "legacy_version": "Update C", "number": "4", "summary": "Update C - Update to product list and mitigations" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "<=B1", "product": { "name": "Mitsubishi Electric M800VW (BND-2051W000-** ): <=B1", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "M800VW (BND-2051W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=B1", "product": { "name": "Mitsubishi Electric M800VS (BND-2052W000-** ): <=B1", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "M800VS (BND-2052W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=B1", "product": { "name": "Mitsubishi Electric M80V (BND-2053W000-** ): <=B1", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "M80V (BND-2053W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=B1", "product": { "name": "Mitsubishi Electric M80VW (BND-2054W000-** ): <=B1", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "M80VW (BND-2054W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=FH", "product": { "name": "Mitsubishi Electric M800W (BND-2005W000-** ): <=FH", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "M800W (BND-2005W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=FH", "product": { "name": "Mitsubishi Electric M800S (BND-2006W000-** ): <=FH", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "M800S (BND-2006W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=FH", "product": { "name": "Mitsubishi Electric M80 (BND-2007W000-** ): <=FH", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "M80 (BND-2007W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=FH", "product": { "name": "Mitsubishi Electric M80W (BND-2008W000-** ): <=FH", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "M80W (BND-2008W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=FH", "product": { "name": "Mitsubishi Electric E80 (BND-2009W000-** ): <=FH", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "E80 (BND-2009W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=BJ", "product": { "name": "Mitsubishi Electric C80 (BND-2036W000-** ): <=BJ", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "C80 (BND-2036W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric M750VW (BND-1015W002-** ): <=LG", "product_id": "CSAFPID-0011" } } ], "category": "product_name", "name": "M750VW (BND-1015W002-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric M730VW/M720VW (BND-1015W000-** ): <=LG", "product_id": "CSAFPID-0012" } } ], "category": "product_name", "name": "M730VW/M720VW (BND-1015W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric M750VS (BND-1012W002-** ): <=LG", "product_id": "CSAFPID-0013" } } ], "category": "product_name", "name": "M750VS (BND-1012W002-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric M730VS/M720VS (BND-1012W000-** ): <=LG", "product_id": "CSAFPID-0014" } } ], "category": "product_name", "name": "M730VS/M720VS (BND-1012W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric M70V (BND-1018W000-** ): <=LG", "product_id": "CSAFPID-0015" } } ], "category": "product_name", "name": "M70V (BND-1018W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "<=LG", "product": { "name": "Mitsubishi Electric E70 (BND-1022W000-** ): <=LG", "product_id": "CSAFPID-0016" } } ], "category": "product_name", "name": "E70 (BND-1022W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "Mitsubishi Electric NC Trainer2 (BND-1802W000-** ): vers:all/*", "product_id": "CSAFPID-0017" } } ], "category": "product_name", "name": "NC Trainer2 (BND-1802W000-** )" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "Mitsubishi Electric NC Trainer2 plus (BND-1803W000-** ): vers:all/*", "product_id": "CSAFPID-0018" } } ], "category": "product_name", "name": "NC Trainer2 plus (BND-1803W000-** )" } ], "category": "vendor", "name": "Mitsubishi Electric" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-7316", "cwe": { "id": "CWE-1284", "name": "Improper Validation of Specified Quantity in Input" }, "notes": [ { "category": "summary", "text": "A denial-of-service (DoS) vulnerability exists in Numerical Control Systems (CNC). A malicious unauthenticated remote attacker may cause a denial-of-service (DoS) condition in the affected product by sending specially crafted packets to TCP port 683", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7316" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Mitsubishi Electric recommends users take the following actions to minimize the risk of exploiting this vulnerability.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M800VW (BND-2051W000-** ): Update to B2 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M800VS (BND-2052W000-** ): Update to B2 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M80V (BND-2053W000-** ): Update to B2 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M80VW (BND-2054W000-** ): Update to B2 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M800W (BND-2005W000-** ): Update to FJ or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M800S (BND-2006W000-** ): Update to FJ or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M80 (BND-2007W000-** ): Update to FJ or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M80W (BND-2008W000-** ): Update to FJ or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "E80 (BND-2009W000-** ): Update to FJ or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "C80 (BND-2036W000-** ): Update to BK or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M750VW (BND-1015W002-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M730VW/M720VW (BND-1015W000-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M750VS (BND-1012W002-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M730VS/M720VS (BND-1012W000-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "M70V (BND-1018W000-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "E70 (BND-1022W000-** ): Update to LH or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Additionally, Mitsubishi Electric recommends the following mitigations:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Install anti-virus software on the PC that can access the product.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Restrict physical access to the affected product and the LAN to which the product is connected.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "Use IP filter function to block access from untrusted hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "IP filter function is available for M800V/M80V Series and M800/M80/E80 Series.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "mitigation", "details": "For details about the IP filter function, please refer to the following manual for each product: M800V/M80V Series Instruction Manual \"16. Appendix 3 IP Address Filter Setting Function\" and M800/M80/E80 Series Instruction Manual \"15. Appendix 2 IP Address Filter Setting Function.\"", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018" ] } ] } ] }