Free Webinar:

Incident responders TELL-ALL on May 16 with lessons learned from the frontlines of the OT cybersecurity battleground.

Register Now
Skip to main content
Security Advisory

Mitsubishi Electric’s MELSEC iQ-R Safety CPU and SIL2 Process CPU Module

Incorrect Privilege Assignment

Risk Information

Limited Threat

CVE ID

CVE-2023-6815

Vunerability Type

Incorrect Privilege Assignment

CVSS3 Score

6.5

CVSSv3 Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affecting

  • MELSEC iQ-R Series Safety CPU (R08/16/32/120SFCPU): all versions.
  • MELSEC iQ-R Series SIL2 Process CPU (R08/16/32/120PSFCPU): all versions.

    • Mitigation

    Users with firmware 27 and higher can enable 'enhanced management'. Users with previous firmware must replace the hardware with a newer version.

    02/13/2024