CVE-2023-2060 Information

Description

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing.

Reference

https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2023-004.pdf https://jvn.jp/vu/JVNVU92908006