CVE-2016-8370 describes a credential exposure issue in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules. According to the NVD record, affected firmware includes QJ71E71-100, QJ71E71-B5, and QJ71E71-B2, all versions. The issue is network-reachable and results in weakly encrypted passwords being transmitted to a MELSEC-Q PLC, which raises the risk of credential interception on indus [truncated]
CVE-2016-8368 affects Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, QJ71E71-B5, and QJ71E71-B2, all versions. A remote attacker may connect to the PLC through TCP port 5002 and trigger a denial of service that requires the PLC to be reset to resume operation. NVD maps the issue to CWE-662 and rates it high severity because the attack is network-reachable, requires [truncated]
