* Mitsubishi Electric MELSEC FX3G PLC devices before April 2015
* Mitsubishi Electric MELSEC FX3G PLC devices after April 2015
The built-in HTTP application is unable to handle parameters with a length of 100 bytes or more. This is true for all tested URLs except /fx_devmon.html. Even parameters that are not used by the web applications trigger the DoS bug. This security weakness can be exploited using both POST and GET HTTP requests. As soon as any parameter with a length of at least 100 characters is transmitted, all Ethernet/IP/TCP communication is permanently halted. A connected HMI loses its connection, the HTTP server is no longer available, and the system does not respond to ICMP ping requests or ARP requests. The ICS has to undergo a cold restart by interrupting the power supply. The PLC still continues to execute the internal logic program. Only the Ethernet-based communication is disrupted.
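The following check is an added example, not part of the original advisory or any vendor code: it inspects a raw HTTP request, as a filtering proxy or IDS in front of the PLC might, and reports every GET or POST parameter at or above the 100-byte threshold described above. It assumes the whole undecoded `name=value` token is what counts (the advisory does not say whether name or value is measured), treats any request body as `&`-separated parameters, and does not exempt /fx_devmon.html; the function name and sample requests are constructed.

```python
LIMIT = 100  # bytes; the threshold stated in the advisory text


def _tokens(blob: bytes):
    """Split an urlencoded blob into raw name=value tokens, without decoding."""
    return [tok for tok in blob.split(b"&") if tok]


def oversized_params(raw_request: bytes, limit: int = LIMIT):
    """Return (location, name, raw_length) for each parameter >= limit bytes.

    Lengths are measured on the bytes as sent, because the device sees the
    undecoded request. Assumption: the whole name=value token is measured,
    which is the conservative reading of the advisory.
    """
    head, _, body = raw_request.partition(b"\r\n\r\n")
    request_line = head.split(b"\r\n")[0].split(b" ")
    if len(request_line) != 3:
        raise ValueError("malformed request line")
    _method, target, _version = request_line
    _path, _, query = target.partition(b"?")

    # Query-string parameters (GET or POST) and body parameters (POST).
    candidates = [("query", tok) for tok in _tokens(query)]
    candidates += [("body", tok) for tok in _tokens(body)]

    findings = []
    for where, tok in candidates:
        if len(tok) >= limit:
            # Log only a short prefix of the name, never the full token.
            name = tok.partition(b"=")[0][:32].decode("latin-1")
            findings.append((where, name, len(tok)))
    return findings


if __name__ == "__main__":
    # Constructed sample requests: one below the threshold, one at it.
    below = b"GET /?a=" + b"A" * 97 + b" HTTP/1.1\r\nHost: plc\r\n\r\n"
    at = b"GET /?a=" + b"A" * 98 + b" HTTP/1.1\r\nHost: plc\r\n\r\n"
    for name, req in (("below", below), ("at", at)):
        hits = oversized_params(req)
        print(name, "BLOCK" if hits else "pass", hits)
```

A front-end that rejects any request for which `oversized_params` returns a non-empty list keeps such requests from reaching the PLC's HTTP server.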