What is the vulnerability ID of this security issue?

The vulnerability ID is CVE-2023-3346.

What is the severity of CVE-2023-3346?

The severity of CVE-2023-3346 is critical with a CVSS score of 9.8.

What is the affected software for CVE-2023-3346?

The affected software for CVE-2023-3346 is Mitsubishielectric C80 Firmware, Mitsubishielectric E70 Firmware, Mitsubishielectric E80 Firmware, Mitsubishielectric M70v Firmware, Mitsubishielectric M720vs Firmware, Mitsubishielectric M720vs 15-type Firmware, Mitsubishielectric M720vw Firmware, Mitsubishielectric M730vs Firmware, Mitsubishielectric M730vs 15-type Firmware, Mitsubishielectric M730vw Firmware, Mitsubishielectric M750vs Firmware, Mitsubishielectric M750vs 15-type Firmware, Mitsubishielectric M750vw Firmware, Mitsubishielectric M80 Firmware, Mitsubishielectric M800s Firmware, Mitsubishielectric M800vs Firmware, Mitsubishielectric M800vw Firmware, Mitsubishielectric M800w Firmware, Mitsubishielectric M80v Firmware, Mitsubishielectric M80vw Firmware, and Mitsubishielectric M80w Firmware.

How does CVE-2023-3346 impact the affected software?

CVE-2023-3346 allows a remote unauthenticated attacker to cause a Denial of Service (DoS) condition and execute arbitrary code on the affected software.

Are there any official references for CVE-2023-3346?

Yes, you can find official references for CVE-2023-3346 at the following links: [Mitsubishielectric PSIRT PDF](https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf), [CISA Advisory](https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03), [JVN](https://jvn.jp/vu/JVNVU90352157/index.html).

Vulnerability/
CVE-2023-3346

critical

9.8

CWE

119 120

3/8/2023

4/12/2024

CVE-2023-3346: Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series

First published: Thu Aug 03 2023(Updated: )

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected Software	Affected Version	How to fix
Mitsubishi Electric C80 Firmware
Mitsubishi Electric C80 Firmware
Mitsubishi Electric E70 Firmware
Mitsubishi Electric E70
Mitsubishi Electric E80 Firmware
Mitsubishi Electric E80 Firmware
Mitsubishi Electric M70v
Mitsubishielectric M70v Firmware
Mitsubishi Electric M720vs 15-type Firmware
Mitsubishi Electric M720vs 15-type Firmware
Mitsubishi Electric M720vs Firmware
Mitsubishi Electric M720vs Firmware
Mitsubishi Electric M720vw
Mitsubishielectric M720vw Firmware
Mitsubishi Electric M730VS
Mitsubishi Electric M730VS
Mitsubishi Electric M750VS 15-Type
Mitsubishielectric M730vs 15-type Firmware
Mitsubishi Electric M730VW
Mitsubishielectric M730vw Firmware
Mitsubishi Electric M750VS 15-Type
Mitsubishi Electric M750VS 15-Type
Mitsubishi Electric M750VS 15-Type
Mitsubishielectric M750vs 15-type Firmware
Mitsubishi Electric M750vw Firmware
Mitsubishi Electric M750vw Firmware
Mitsubishi Electric M80 Firmware
Mitsubishi Electric M80
Mitsubishi Electric M800s Firmware
Mitsubishi Electric M800s Firmware
Mitsubishi Electric M800VS Firmware
Mitsubishi Electric M800VS Firmware
Mitsubishi Electric M800VW Firmware
Mitsubishi Electric M800VW Firmware
Mitsubishi Electric M800w Firmware
Mitsubishi Electric M800W
Mitsubishi Electric M80v Firmware
Mitsubishi Electric M80v
Mitsubishi Electric M80VW Firmware
Mitsubishi Electric M80VW Firmware
Mitsubishi Electric M80W
Mitsubishi Electric M80W

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of this security issue?
The vulnerability ID is CVE-2023-3346.
What is the severity of CVE-2023-3346?
The severity of CVE-2023-3346 is critical with a CVSS score of 9.8.
What is the affected software for CVE-2023-3346?
The affected software for CVE-2023-3346 is Mitsubishielectric C80 Firmware, Mitsubishielectric E70 Firmware, Mitsubishielectric E80 Firmware, Mitsubishielectric M70v Firmware, Mitsubishielectric M720vs Firmware, Mitsubishielectric M720vs 15-type Firmware, Mitsubishielectric M720vw Firmware, Mitsubishielectric M730vs Firmware, Mitsubishielectric M730vs 15-type Firmware, Mitsubishielectric M730vw Firmware, Mitsubishielectric M750vs Firmware, Mitsubishielectric M750vs 15-type Firmware, Mitsubishielectric M750vw Firmware, Mitsubishielectric M80 Firmware, Mitsubishielectric M800s Firmware, Mitsubishielectric M800vs Firmware, Mitsubishielectric M800vw Firmware, Mitsubishielectric M800w Firmware, Mitsubishielectric M80v Firmware, Mitsubishielectric M80vw Firmware, and Mitsubishielectric M80w Firmware.
How does CVE-2023-3346 impact the affected software?
CVE-2023-3346 allows a remote unauthenticated attacker to cause a Denial of Service (DoS) condition and execute arbitrary code on the affected software.
Are there any official references for CVE-2023-3346?
Yes, you can find official references for CVE-2023-3346 at the following links: [Mitsubishielectric PSIRT PDF](https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf), [CISA Advisory](https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-03), [JVN](https://jvn.jp/vu/JVNVU90352157/index.html).

collector/nvd-latest
agent/author
agent/type
agent/softwarecombine
agent/first-publish-date
agent/severity
agent/weakness
agent/references
agent/title
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
vendor/mitsubishielectric
canonical/mitsubishi electric c80 firmware
canonical/mitsubishi electric e70 firmware
canonical/mitsubishi electric e70
canonical/mitsubishi electric e80 firmware
canonical/mitsubishi electric m70v
canonical/mitsubishielectric m70v firmware
canonical/mitsubishi electric m720vs 15-type firmware
canonical/mitsubishi electric m720vs firmware
canonical/mitsubishi electric m720vw
canonical/mitsubishielectric m720vw firmware
canonical/mitsubishi electric m730vs
canonical/mitsubishi electric m750vs 15-type
canonical/mitsubishielectric m730vs 15-type firmware
canonical/mitsubishi electric m730vw
canonical/mitsubishielectric m730vw firmware
canonical/mitsubishielectric m750vs 15-type firmware
canonical/mitsubishi electric m750vw firmware
canonical/mitsubishi electric m80 firmware
canonical/mitsubishi electric m80
canonical/mitsubishi electric m800s firmware
canonical/mitsubishi electric m800vs firmware
canonical/mitsubishi electric m800vw firmware
canonical/mitsubishi electric m800w firmware
canonical/mitsubishi electric m800w
canonical/mitsubishi electric m80v firmware
canonical/mitsubishi electric m80v
canonical/mitsubishi electric m80vw firmware
canonical/mitsubishi electric m80w