medium
5.3
CWE
307
Advisory Published
Updated

CVE-2023-4625: Denial-of-Service(DoS) Vulnerability in Web server function on MELSEC Series CPU module

First published: Mon Nov 06 2023(Updated: )

Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this vulnerability will persist while the attacker continues to attempt unauthorized login.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected SoftwareAffected VersionHow to fix
All of
Mitsubishi Electric FX5U-32MT/ES Firmware
Mitsubishielectric Fx5u-32mt/es
All of
Mitsubishielectric Fx5u-64mt/es Firmware
Mitsubishi Electric FX5U-64MT/ES
All of
Mitsubishi Electric Fx5u-80MT/ES Firmware
Mitsubishi Electric FX5U-80MT/ES
All of
Mitsubishielectric Fx5u-32mr/es Firmware
Mitsubishi Electric FX5U-32MR/ES
All of
Mitsubishi Electric FX5U-64MR/ES Firmware
Mitsubishi Electric FX5U-64MR/ES
All of
Mitsubishielectric Fx5u-80mr/es Firmware
Mitsubishi Electric FX5U-80MR/ES
All of
Mitsubishi Electric FX5U-32MT/DS Firmware
Mitsubishi Electric FX5U-32MT/DS
All of
Mitsubishi Electric FX5U-64MT/DS Firmware
Mitsubishi Electric FX5U-64MT/DS
All of
Mitsubishi Electric FX5U-80MT/DS Firmware
Mitsubishi Electric FX5U-80MT/DS
All of
Mitsubishi Electric FX5U-32MR/DS Firmware
Mitsubishi Electric FX5U-32MR/DS
All of
Mitsubishielectric Fx5u-64mr/ds Firmware
Mitsubishi Electric FX5U-64MR/DS
All of
Mitsubishi Electric FX5U-80MR/DS Firmware
Mitsubishi Electric FX5U-80MR/DS
All of
Mitsubishi Electric FX5U-32MT/ESS Firmware
Mitsubishi Electric FX5U-32MT/ESS
All of
Mitsubishielectric Fx5u-64mt/ess Firmware
Mitsubishi Electric FX5U-64MT/ESS
All of
Mitsubishi Electric FX5U-80MT/ESS Firmware
Mitsubishi Electric FX5U-80MT/ESS
All of
Mitsubishi Electric FX5U-32MT/DSS Firmware
Mitsubishi Electric FX5U-32MT/DSS
All of
Mitsubishi Electric FX5U-64MT/DSS Firmware
Mitsubishi Electric FX5U-64MT/DSS
All of
Mitsubishi Electric FX5U-80MT/DSS Firmware
Mitsubishi Electric FX5U-80MT/DSS
All of
Mitsubishi Electric FX5UC-32MT/D Firmware
Mitsubishielectric Fx5uc-32mt/d
All of
Mitsubishi Electric FX5UC-64MT/D Firmware
Mitsubishi Electric FX5UC-64MT/D
All of
Mitsubishi Electric FX5UC-96MT/D Firmware
Mitsubishielectric Fx5uc-96mt/d
All of
Mitsubishi Electric FX5UC-32MT/DSS Firmware
Mitsubishi Electric FX5UC-32MT/DSS
All of
Mitsubishi Electric FX5UC-64MT/DSS Firmware
Mitsubishielectric Fx5uc-64mt/dss
All of
Mitsubishi Electric FX5UC-96MT/DSS Firmware
Mitsubishi Electric FX5UC-96MT/DSS
All of
Mitsubishi Electric FX5UC-32MT/DS-TS Firmware
Mitsubishi Electric FX5UC-32MT/DS-TS
All of
Mitsubishi Electric FX5UC-32MT/DSS-TS Firmware
Mitsubishi Electric FX5UC-32MT/DSS-TS
All of
Mitsubishielectric Fx5uc-32mr/ds-ts Firmware
Mitsubishi Electric FX5UC-32MR/DS-TS
All of
Mitsubishi Electric FX5UJ-24MT/ES Firmware
Mitsubishi Electric FX5UJ-24MT/ES
All of
Mitsubishi Electric FX5UJ-40MT/ES Firmware
Mitsubishi Electric FX5UJ-40MT/ES
All of
Mitsubishielectric Fx5uj-60mt/es Firmware
Mitsubishielectric Fx5uj-60mt/es
All of
Mitsubishielectric Fx5uj-24mr/es Firmware
Mitsubishi Electric FX5UJ-24MR/ES
All of
Mitsubishi Electric FX5UJ-40MR/ES Firmware
Mitsubishi Electric FX5UJ-40MR/ES
All of
Mitsubishi Electric FX5UJ-60MR/ES Firmware
Mitsubishi Electric FX5UJ-60MR/ES
All of
Mitsubishi Electric FX5UJ-24MT/ESS Firmware
Mitsubishielectric FX5UJ-24MT/ESS
All of
Mitsubishielectric Fx5uj-40mt/ess Firmware
Mitsubishi Electric FX5UJ-40MT/ESS
All of
Mitsubishi Electric FX5UJ-60MT/ESS Firmware
Mitsubishi Electric FX5UJ-60MT/ESS
All of
Mitsubishi Electric Fx5uj-24mt/ds Firmware
Mitsubishi Electric FX5UJ-24MT/DS
All of
Mitsubishielectric Fx5uj-40mt/ds Firmware
Mitsubishi Electric FX5UJ-40MT/DS
All of
Mitsubishi Electric FX5UJ-60MT/DS Firmware
Mitsubishi Electric FX5UJ-60MT/DS
All of
Mitsubishielectric Fx5uj-24mr/ds Firmware
Mitsubishi Electric FX5UJ-24MR/DS
All of
Mitsubishi Electric FX5UJ-40MR/DS Firmware
Mitsubishi Electric FX5UJ-40MR/DS
All of
Mitsubishi Electric Fx5uj-60mr/ds Firmware
Mitsubishi Electric FX5UJ-60MR/DS
All of
Mitsubishi Electric FX5UJ-24MT/DSS Firmware
Mitsubishi Electric FX5UJ-24MT/DSS
All of
Mitsubishielectric Fx5uj-40mt/dss Firmware
Mitsubishi Electric FX5UJ-40MT/DSS
All of
Mitsubishi Electric FX5UJ-60MT/DSS Firmware
Mitsubishi Electric FX5UJ-60MT/DSS
All of
Mitsubishielectric Fx5uj-24mt/es-a Firmware
Mitsubishi Electric FX5UJ-24MT/ES-A
All of
Mitsubishi Electric FX5UJ-40MT/ES-A Firmware
Mitsubishi Electric FX5UJ-40MT/ES-A
All of
Mitsubishi Electric FX5UJ-60MT/ES-A Firmware
Mitsubishi Electric FX5UJ-60MT/ES-A
All of
Mitsubishi Electric FX5UJ-24MR/ES-A Firmware
Mitsubishielectric Fx5uj-24mr/es-a
All of
Mitsubishielectric Fx5uj-40mr/es-a Firmware
Mitsubishi Electric FX5UJ-40MR/ES-A
All of
Mitsubishi Electric FX5UJ-60MR/ES-A Firmware
Mitsubishielectric Fx5uj-60mr/es-a
All of
Mitsubishielectric Fx5s-30mt/es Firmware
Mitsubishi Electric FX5S-30MT/ES
All of
Mitsubishi Electric FX5S-40MT/ES Firmware
Mitsubishi Electric FX5S-40MT/ES
All of
Mitsubishi Electric FX5S-60MT/ES Firmware
Mitsubishi Electric FX5S-60MT/ES
All of
Mitsubishi Electric FX5S-80MT/ES Firmware
Mitsubishi Electric FX5S-80MT/ES
All of
Mitsubishielectric Fx5s-30mr/es Firmware
Mitsubishielectric Fx5s-30mr/es
All of
Mitsubishi Electric FX5S-40MR/ES Firmware
Mitsubishi Electric FX5S-40MR/ES
All of
Mitsubishi Electric FX5S-60MR/ES Firmware
Mitsubishi Electric FX5S-60MR/ES
All of
Mitsubishielectric Fx5s-80mr/es Firmware
Mitsubishi Electric FX5S-80MR/ES
All of
Mitsubishi Electric FX5S-30MT/ESS Firmware
Mitsubishi Electric FX5S-30MT/ESS
All of
Mitsubishielectric Fx5s-40mt/ess Firmware
Mitsubishi Electric FX5S-40MT/ESS
All of
Mitsubishi Electric FX5S-60MT/ESS Firmware
Mitsubishi Electric FX5S-60MT/ESS
All of
Mitsubishi Electric FX5S-80MT/ESS Firmware
Mitsubishi Electric FX5S-80MT/ESS

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2023-4625?

    CVE-2023-4625 has a high severity rating due to its potential to allow remote unauthenticated attackers to disrupt legitimate access to the Mitsubishi MELSEC iQ-F/iQ-R Series CPUs' web server.

  • How do I fix CVE-2023-4625?

    To fix CVE-2023-4625, apply the latest firmware update from Mitsubishi Electric that addresses this vulnerability.

  • What devices are affected by CVE-2023-4625?

    CVE-2023-4625 affects Mitsubishi Electric MELSEC iQ-F/iQ-R Series CPU modules with specific firmware versions.

  • What type of attack does CVE-2023-4625 facilitate?

    CVE-2023-4625 allows a remote unauthenticated attacker to execute excessive authentication attempts, potentially locking out legitimate users.

  • Is it safe to use devices affected by CVE-2023-4625 without a patch?

    Using devices affected by CVE-2023-4625 without the necessary patch increases the risk of unauthorized access and operational disruption.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203