Mitsubishi Electric MELSEC FX-Series Controllers Denial of Service
Low Risk · ICS-CERT ICSA-15-146-01 · Feb 26, 2015
Summary
The MELSEC FX3G Series PLC contains a denial of service vulnerability triggered by specially crafted network packets. Affected firmware versions: all versions. The vendor has stated no fix is planned for this product line.
What this means
What could happen
An attacker could send specially crafted network packets to cause a Denial of Service condition, rendering the PLC unresponsive and halting industrial processes until the controller is rebooted.
Who's at risk
Energy utilities and manufacturing facilities running Mitsubishi Electric MELSEC FX3G Series PLCs should prioritize this issue. These controllers are commonly used for logic control, motor drives, and sensor I/O processing in power distribution, water treatment, and process manufacturing environments.
How it could be exploited
An attacker with network access to the PLC's communication ports could send malformed packets that trigger a crash or hang condition in the MELSEC FX3G firmware, causing the controller to stop processing normal control logic and stop responding to legitimate commands.
Prerequisites
- Network access to the MELSEC FX3G controller on its communication ports (typically Ethernet or serial)
- No authentication required to send the malicious packets
Tags: remotely exploitable · no authentication required · no patch available · affects critical control logic
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
Product: MELSEC FX3G Series PLCs (vers:all/*)
Affected Versions: All versions
Fix Status: No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Implement network segmentation to restrict access to PLC communication ports; only allow authorized engineering workstations and SCADA systems to communicate with the controller
- HARDENING: Deploy firewall rules to block unexpected traffic to the PLC's communication ports and monitor for suspicious packet patterns
Mitigations - no patch available
MELSEC FX3G Series PLCs (vers:all/*) has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Establish a network monitoring plan to detect and alert on any signs of denial of service attempts against the controller
- HARDENING: Document PLC network requirements and implement host-based filtering if available on the controller
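The segmentation, firewall and monitoring items above reduce to two checks on traffic aimed at the controller: is the source on the allowlist of engineering workstations and SCADA hosts, and is any single source sending far more packets than a normal poll cycle. The Python below is an added example, not part of this advisory or of any Mitsubishi Electric guidance; it runs both checks over constructed firewall connection-log lines. The PLC address, the listening port, the allowed hosts, the rate threshold and the log format are all placeholders to be replaced with the real values of the installation.

```python
"""Allowlist and rate-based alerting over PLC-segment firewall logs.

Added example (not from the advisory). Assumptions, all constructed:
- a segmentation firewall in front of the PLC logs one line per packet in
  the form 'ts src dst port' (timestamp in seconds);
- PLC_IP, PLC_PORT and ALLOWED_SOURCES are placeholders for the real
  controller address, its listening port, and the engineering
  workstation / SCADA server addresses.
"""
from collections import defaultdict, deque
from dataclasses import dataclass

PLC_IP = "10.10.20.50"                          # placeholder controller address
PLC_PORT = 5000                                 # placeholder: set to the real port
ALLOWED_SOURCES = {"10.10.10.5", "10.10.10.6"}  # engineering workstation, SCADA server
RATE_LIMIT = 50                                 # packets per source within RATE_WINDOW
RATE_WINDOW = 10.0                              # seconds of sliding window


@dataclass(frozen=True)
class Alert:
    kind: str   # "unauthorized_source" or "packet_flood"
    src: str
    ts: float   # timestamp of the packet that triggered the alert


def parse_line(line):
    """Parse one constructed 'ts src dst port' line; None if malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return float(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None


def analyze(lines):
    """Return one Alert per (source, kind) for traffic at the PLC port."""
    alerts = []
    recent = defaultdict(deque)   # src -> timestamps inside the sliding window
    flagged = set()               # (src, kind) already reported
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, src, dst, port = rec
        if dst != PLC_IP or port != PLC_PORT:
            continue              # only traffic to the PLC's control port matters
        # Check 1: anything not on the allowlist should never reach this port.
        if src not in ALLOWED_SOURCES and (src, "unauthorized_source") not in flagged:
            flagged.add((src, "unauthorized_source"))
            alerts.append(Alert("unauthorized_source", src, ts))
        # Check 2: rate check applies to every source, allowlisted or not,
        # since a compromised workstation could also flood the controller.
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > RATE_WINDOW:
            q.popleft()
        if len(q) > RATE_LIMIT and (src, "packet_flood") not in flagged:
            flagged.add((src, "packet_flood"))
            alerts.append(Alert("packet_flood", src, ts))
    return alerts


# Constructed sample log: two normal polls, one stray host, one off-port
# packet, then a burst of 60 packets in six seconds from the stray host.
SAMPLE_LOG = [
    "1000.0 10.10.10.5 10.10.20.50 5000",
    "1001.0 10.10.10.6 10.10.20.50 5000",
    "1002.0 10.10.30.9 10.10.20.50 5000",
    "1003.0 10.10.10.6 10.10.20.50 80",
] + [f"{1005.0 + i * 0.1:.1f} 10.10.30.9 10.10.20.50 5000" for i in range(60)]


def run_sample():
    """Analyze the constructed log; expected: one unauthorized-source alert
    and one packet-flood alert, both for 10.10.30.9."""
    return analyze(SAMPLE_LOG)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The rate check deliberately runs for allowlisted hosts as well: the advisory's point is that a single unauthenticated sender can halt the controller, so the source being "trusted" by the firewall is not by itself evidence that its traffic is benign. Thresholds should be set from the installation's observed poll rates before the rule is turned into an alert.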
CVEs (1)