cve/2023/CVE-2023-3346.md

### [CVE-2023-3346](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3346)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20C80%20Series%20C80&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20E70%20Series%20E70&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20E80%20Series%20E80&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20IoT%20Unit%20Data%20Acquisition%20Unit&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20IoT%20Unit%20Remote%20Service%20Gateway%20Unit&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M720VS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M720VW&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M730VS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M730VW&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M750VS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M750VW&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M70V%20Series%20M70V&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80%20Series%20M80&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80%20Series%20M80W&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800%20Series%20M800S&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800%20Series%20M800W&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800V%20Series%20M800VS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800V%20Series%20M800VW&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80V%20Series%20M80V&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80V%20Series%20M80VW&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1012W000%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1012W002%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1015W000%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1015W002%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1018W000%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1022W000%20versions%20LF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2005W000%20versions%20FB%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2006W000%20versions%20FB%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2007W000%20versions%20FB%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2008W000%20versions%20FB%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2009W000%20versions%20FB%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2036W000%20versions%20BF%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2041W001%20versions%20AD%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2041W002%20all%20versions%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2051W000%20versions%20A8%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2052W000%20versions%20A8%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2053W000%20versions%20A8%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2054W000%20versions%20A8%20and%20prior%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen)

### Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.

### POC

#### Reference
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-3346](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3346)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20C80%20Series%20C80&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20E70%20Series%20E70&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20E80%20Series%20E80&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20IoT%20Unit%20Data%20Acquisition%20Unit&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20IoT%20Unit%20Remote%20Service%20Gateway%20Unit&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M720VS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M720VW&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M730VS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M730VW&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M750VS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M700V%20Series%20M750VW&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M70V%20Series%20M70V&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80%20Series%20M80&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80%20Series%20M80W&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800%20Series%20M800S&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800%20Series%20M800W&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800V%20Series%20M800VS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M800V%20Series%20M800VW&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80V%20Series%20M80V&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=MITSUBISHI%20CNC%20M80V%20Series%20M80VW&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1012W000%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1012W002%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1015W000%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1015W002%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1018W000%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-1022W000%20versions%20LF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2005W000%20versions%20FB%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2006W000%20versions%20FB%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2007W000%20versions%20FB%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2008W000%20versions%20FB%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2009W000%20versions%20FB%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2036W000%20versions%20BF%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2041W001%20versions%20AD%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2041W002%20all%20versions%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2051W000%20versions%20A8%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2052W000%20versions%20A8%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2053W000%20versions%20A8%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20System%20Number%20BND-2054W000%20versions%20A8%20and%20prior%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen)`

			`### Description`

			`Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.`

			`### POC`

			`#### Reference`
			`- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-007_en.pdf`

			`#### Github`
			`No PoCs found on GitHub currently.`