CVE-2023-6815

Summary

CVE-2023-6815 is a Privilege Escalation vulnerability affecting Mitsubishi Electric Corporation's MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU. An authenticated attacker with non-administrative access can exploit this vulnerability by sending a crafted packet to disclose the user ID and password of a user with lower access levels. This error in privilege assignment poses a significant risk, enabling attackers to potentially gain unauthorized access and compromise the targeted systems. All versions of these products are affected, and users are advised to apply the necessary patches to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.