CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
CVE-2022-29875 (GCVE-0-2022-29875)
Vulnerability from cvelistv5 – Published: 2022-06-01 09:50 – Updated: 2024-08-03 06:33
VLAI
Summary
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.
Severity
No CVSS data available.
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.siemens-healthineers.com/support-docu… | x_refsource_MISC |
Impacted products
23 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Biograph Horizon PET/CT Systems |
Affected:
All VJ30 versions < VJ30C-UD01
|
|
| Siemens | MAGNETOM Family |
Affected:
NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A
|
|
| Siemens | MAMMOMAT Revelation |
Affected:
All VC20 versions < VC20D
|
|
| Siemens | NAEOTOM Alpha |
Affected:
All VA40 versions < VA40 SP2
|
|
| Siemens | SOMATOM X.cite |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM X.creed |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.All |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.Now |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.Open Pro |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.Sim |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.Top |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | SOMATOM go.Up |
Affected:
All versions < VA30 SP5 or VA40 SP2
|
|
| Siemens | Symbia E/S |
Affected:
All VB22 versions < VB22A-UD03
|
|
| Siemens | Symbia Evo |
Affected:
All VB22 versions < VB22A-UD03
|
|
| Siemens | Symbia Intevo |
Affected:
All VB22 versions < VB22A-UD03
|
|
| Siemens | Symbia T |
Affected:
All VB22 versions < VB22A-UD03
|
|
| Siemens | Symbia.net |
Affected:
All VB22 versions < VB22A-UD03
|
|
| Siemens | syngo.via VB10 |
Affected:
All versions
|
|
| Siemens | syngo.via VB20 |
Affected:
All versions
|
|
| Siemens | syngo.via VB30 |
Affected:
All versions
|
|
| Siemens | syngo.via VB40 |
Affected:
All versions < VB40B HF06
|
|
| Siemens | syngo.via VB50 |
Affected:
All versions
|
|
| Siemens | syngo.via VB60 |
Affected:
All versions < VB60B HF02
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:33:42.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Biograph Horizon PET/CT Systems",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VJ30 versions \u003c VJ30C-UD01"
}
]
},
{
"product": "MAGNETOM Family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A"
}
]
},
{
"product": "MAMMOMAT Revelation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VC20 versions \u003c VC20D"
}
]
},
{
"product": "NAEOTOM Alpha",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VA40 versions \u003c VA40 SP2"
}
]
},
{
"product": "SOMATOM X.cite",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM X.creed",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.All",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.Now",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.Open Pro",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.Sim",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.Top",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "SOMATOM go.Up",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
},
{
"product": "Symbia E/S",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VB22 versions \u003c VB22A-UD03"
}
]
},
{
"product": "Symbia Evo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VB22 versions \u003c VB22A-UD03"
}
]
},
{
"product": "Symbia Intevo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VB22 versions \u003c VB22A-UD03"
}
]
},
{
"product": "Symbia T",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VB22 versions \u003c VB22A-UD03"
}
]
},
{
"product": "Symbia.net",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All VB22 versions \u003c VB22A-UD03"
}
]
},
{
"product": "syngo.via VB10",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "syngo.via VB20",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "syngo.via VB30",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "syngo.via VB40",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VB40B HF06"
}
]
},
{
"product": "syngo.via VB50",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "syngo.via VB60",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c VB60B HF02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions \u003c VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions \u003c VC20D), NAEOTOM Alpha (All VA40 versions \u003c VA40 SP2), SOMATOM X.cite (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions \u003c VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions \u003c VB22A-UD03), Symbia Evo (All VB22 versions \u003c VB22A-UD03), Symbia Intevo (All VB22 versions \u003c VB22A-UD03), Symbia T (All VB22 versions \u003c VB22A-UD03), Symbia.net (All VB22 versions \u003c VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions \u003c VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions \u003c VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-01T09:50:10.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-29875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Biograph Horizon PET/CT Systems",
"version": {
"version_data": [
{
"version_value": "All VJ30 versions \u003c VJ30C-UD01"
}
]
}
},
{
"product_name": "MAGNETOM Family",
"version": {
"version_data": [
{
"version_value": "NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A"
}
]
}
},
{
"product_name": "MAMMOMAT Revelation",
"version": {
"version_data": [
{
"version_value": "All VC20 versions \u003c VC20D"
}
]
}
},
{
"product_name": "NAEOTOM Alpha",
"version": {
"version_data": [
{
"version_value": "All VA40 versions \u003c VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM X.cite",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM X.creed",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.All",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.Now",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.Open Pro",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.Sim",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.Top",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "SOMATOM go.Up",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VA30 SP5 or VA40 SP2"
}
]
}
},
{
"product_name": "Symbia E/S",
"version": {
"version_data": [
{
"version_value": "All VB22 versions \u003c VB22A-UD03"
}
]
}
},
{
"product_name": "Symbia Evo",
"version": {
"version_data": [
{
"version_value": "All VB22 versions \u003c VB22A-UD03"
}
]
}
},
{
"product_name": "Symbia Intevo",
"version": {
"version_data": [
{
"version_value": "All VB22 versions \u003c VB22A-UD03"
}
]
}
},
{
"product_name": "Symbia T",
"version": {
"version_data": [
{
"version_value": "All VB22 versions \u003c VB22A-UD03"
}
]
}
},
{
"product_name": "Symbia.net",
"version": {
"version_data": [
{
"version_value": "All VB22 versions \u003c VB22A-UD03"
}
]
}
},
{
"product_name": "syngo.via VB10",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "syngo.via VB20",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "syngo.via VB30",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "syngo.via VB40",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VB40B HF06"
}
]
}
},
{
"product_name": "syngo.via VB50",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "syngo.via VB60",
"version": {
"version_data": [
{
"version_value": "All versions \u003c VB60B HF02"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions \u003c VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions \u003c VC20D), NAEOTOM Alpha (All VA40 versions \u003c VA40 SP2), SOMATOM X.cite (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions \u003c VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions \u003c VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions \u003c VB22A-UD03), Symbia Evo (All VB22 versions \u003c VB22A-UD03), Symbia Intevo (All VB22 versions \u003c VB22A-UD03), Symbia T (All VB22 versions \u003c VB22A-UD03), Symbia.net (All VB22 versions \u003c VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions \u003c VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions \u003c VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016",
"refsource": "MISC",
"url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-29875",
"datePublished": "2022-06-01T09:50:11.000Z",
"dateReserved": "2022-04-28T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:33:42.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31115 (GCVE-0-2022-31115)
Vulnerability from cvelistv5 – Published: 2022-06-30 21:55 – Updated: 2025-04-22 17:52
VLAI
Title
Unsafe YAML deserialization in opensearch-ruby
Summary
opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the ruby `YAML.load` function was used instead of `YAML.safe_load`. As a result opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using YAML.load if the response is of type YAML. An attacker must be in control of an opensearch server and convince the victim to connect to it in order to exploit this vulnerability. The problem has been patched in opensearch-ruby gem version 2.0.1. Users are advised to upgrade. There are no known workarounds for this issue.
Severity
8.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/opensearch-project/opensearch-… | x_refsource_CONFIRM |
| https://github.com/opensearch-project/opensearch-… | x_refsource_MISC |
| https://staaldraad.github.io/post/2021-01-09-univ… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| opensearch-project | opensearch-ruby |
Affected:
< 2.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/opensearch-project/opensearch-ruby/security/advisories/GHSA-977c-63xq-cgw3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/opensearch-project/opensearch-ruby/pull/77"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://staaldraad.github.io/post/2021-01-09-universal-rce-ruby-yaml-load-updated/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31115",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:42:50.945376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:52:35.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "opensearch-ruby",
"vendor": "opensearch-project",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the ruby `YAML.load` function was used instead of `YAML.safe_load`. As a result opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using YAML.load if the response is of type YAML. An attacker must be in control of an opensearch server and convince the victim to connect to it in order to exploit this vulnerability. The problem has been patched in opensearch-ruby gem version 2.0.1. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T21:55:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/opensearch-project/opensearch-ruby/security/advisories/GHSA-977c-63xq-cgw3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/opensearch-project/opensearch-ruby/pull/77"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://staaldraad.github.io/post/2021-01-09-universal-rce-ruby-yaml-load-updated/"
}
],
"source": {
"advisory": "GHSA-977c-63xq-cgw3",
"discovery": "UNKNOWN"
},
"title": "Unsafe YAML deserialization in opensearch-ruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31115",
"STATE": "PUBLIC",
"TITLE": "Unsafe YAML deserialization in opensearch-ruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "opensearch-ruby",
"version": {
"version_data": [
{
"version_value": "\u003c 2.0.1"
}
]
}
}
]
},
"vendor_name": "opensearch-project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the ruby `YAML.load` function was used instead of `YAML.safe_load`. As a result opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using YAML.load if the response is of type YAML. An attacker must be in control of an opensearch server and convince the victim to connect to it in order to exploit this vulnerability. The problem has been patched in opensearch-ruby gem version 2.0.1. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/opensearch-project/opensearch-ruby/security/advisories/GHSA-977c-63xq-cgw3",
"refsource": "CONFIRM",
"url": "https://github.com/opensearch-project/opensearch-ruby/security/advisories/GHSA-977c-63xq-cgw3"
},
{
"name": "https://github.com/opensearch-project/opensearch-ruby/pull/77",
"refsource": "MISC",
"url": "https://github.com/opensearch-project/opensearch-ruby/pull/77"
},
{
"name": "https://staaldraad.github.io/post/2021-01-09-universal-rce-ruby-yaml-load-updated/",
"refsource": "MISC",
"url": "https://staaldraad.github.io/post/2021-01-09-universal-rce-ruby-yaml-load-updated/"
}
]
},
"source": {
"advisory": "GHSA-977c-63xq-cgw3",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31115",
"datePublished": "2022-06-30T21:55:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-22T17:52:35.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31604 (GCVE-0-2022-31604)
Vulnerability from cvelistv5 – Published: 2022-07-01 17:15 – Updated: 2024-08-03 07:26
VLAI
Summary
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.
Severity
9.8 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/NVIDIA/NVFlare/security/adviso… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | NVIDIA FLARE |
Affected:
All versions prior to 2.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-rcxc-3w2m-mp8h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA FLARE",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-01T17:15:21.000Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-rcxc-3w2m-mp8h"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2022-31604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA FLARE",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.1.2"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity."
}
]
},
"impact": {
"cvss": {
"baseScore": 9.8,
"baseSeverity": "Critical",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-rcxc-3w2m-mp8h",
"refsource": "MISC",
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-rcxc-3w2m-mp8h"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31604",
"datePublished": "2022-07-01T17:15:21.000Z",
"dateReserved": "2022-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:26:00.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31605 (GCVE-0-2022-31605)
Vulnerability from cvelistv5 – Published: 2022-07-01 17:15 – Updated: 2024-08-03 07:26
VLAI
Summary
NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.
Severity
9.8 (Critical)
CWE
- CWE-502 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/NVIDIA/NVFlare/security/adviso… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | NVIDIA FLARE |
Affected:
All versions prior to 2.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-hrf3-622q-8366"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA FLARE",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-01T17:15:22.000Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-hrf3-622q-8366"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2022-31605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA FLARE",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.1.2"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity."
}
]
},
"impact": {
"cvss": {
"baseScore": 9.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-hrf3-622q-8366",
"refsource": "MISC",
"url": "https://github.com/NVIDIA/NVFlare/security/advisories/GHSA-hrf3-622q-8366"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31605",
"datePublished": "2022-07-01T17:15:22.000Z",
"dateReserved": "2022-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:26:00.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32224 (GCVE-0-2022-32224)
Vulnerability from cvelistv5 – Published: 2022-12-05 00:00 – Updated: 2026-05-11 16:53
VLAI
Summary
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data (CWE-502)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | https://github.com/rails/rails |
Affected:
7.0.3.1, 6.1.6.1, 6.0.5.1, 5.2.8.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-05-11T16:53:19.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-3hhc-qp5v-9p2j"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00022.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-32224",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T15:17:17.965566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T15:17:29.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/rails/rails",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.0.3.1, 6.1.6.1, 6.0.5.1, 5.2.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record \u003c 7.0.3.1, \u003c6.1.6.1, \u003c6.0.5.1 and \u003c5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data (CWE-502)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://github.com/advisories/GHSA-3hhc-qp5v-9p2j"
},
{
"url": "https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32224",
"datePublished": "2022-12-05T00:00:00.000Z",
"dateReserved": "2022-06-01T00:00:00.000Z",
"dateUpdated": "2026-05-11T16:53:19.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-32521 (GCVE-0-2022-32521)
Vulnerability from cvelistv5 – Published: 2023-01-30 00:00 – Updated: 2025-02-05 20:07
VLAI
Summary
A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server. Affected Products: Data Center Expert (Versions prior to V7.9.0)
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Schneider Electric | Data Center Expert |
Affected:
All , < V7.9.0
(custom)
|
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-04_+Data_Center_Expert_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-165-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32521",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T19:52:33.537984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:07:44.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Data Center Expert",
"vendor": "Schneider Electric",
"versions": [
{
"lessThan": "V7.9.0",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server. Affected Products: Data Center Expert (Versions prior to V7.9.0)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-30T00:00:00.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-04_+Data_Center_Expert_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-165-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-32521",
"datePublished": "2023-01-30T00:00:00.000Z",
"dateReserved": "2022-06-07T00:00:00.000Z",
"dateUpdated": "2025-02-05T20:07:44.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33315 (GCVE-0-2022-33315)
Vulnerability from cvelistv5 – Published: 2022-07-20 16:55 – Updated: 2026-01-09 04:58
VLAI
Summary
Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes.
Severity
7.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU96480474/index.html | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | MC Works64 |
Affected:
Versions 4.04E and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:01:20.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 4.04E and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
],
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T04:58:25.913Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-33315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64",
"version": {
"version_data": [
{
"version_value": "ICONICS GENESIS64 versions 10.97.1 and prior"
},
{
"version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU96480474/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-33315",
"datePublished": "2022-07-20T16:55:13.000Z",
"dateReserved": "2022-06-14T00:00:00.000Z",
"dateUpdated": "2026-01-09T04:58:25.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-33316 (GCVE-0-2022-33316)
Vulnerability from cvelistv5 – Published: 2022-07-20 16:51 – Updated: 2026-01-09 05:07
VLAI
Summary
Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes.
Severity
7.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU96480474/index.html | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | MC Works64 |
Affected:
Versions 4.04E and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:21.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 4.04E and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
],
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T05:07:12.066Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-33316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64",
"version": {
"version_data": [
{
"version_value": "ICONICS GENESIS64 versions 10.97.1 and prior"
},
{
"version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU96480474/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-33316",
"datePublished": "2022-07-20T16:51:27.000Z",
"dateReserved": "2022-06-14T00:00:00.000Z",
"dateUpdated": "2026-01-09T05:07:12.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-33318 (GCVE-0-2022-33318)
Vulnerability from cvelistv5 – Published: 2022-07-20 16:57 – Updated: 2026-01-09 05:12
VLAI
Summary
Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric GENESIS32 versions 9.7 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64, ICONICS Suite, GENESIS32, or MC Works64 server.
Severity
9.8 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU96480474/index.html | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | GENESIS32 |
Affected:
Versions 9.7 and prior
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS32 |
Affected:
Versions 9.7 and prior
|
|
| Mitsubishi Electric | MC Works64 |
Affected:
Versions 4.04E and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:21.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 9.7 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 9.7 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 4.04E and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric GENESIS32 versions 9.7 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64, ICONICS Suite, GENESIS32, or MC Works64 server."
}
],
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric GENESIS32 versions 9.7 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64, ICONICS Suite, GENESIS32, or MC Works64 server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T05:12:41.871Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-33318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64",
"version": {
"version_data": [
{
"version_value": "ICONICS GENESIS64 versions 10.97.1 and prior"
},
{
"version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU96480474/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-33318",
"datePublished": "2022-07-20T16:57:38.000Z",
"dateReserved": "2022-06-14T00:00:00.000Z",
"dateUpdated": "2026-01-09T05:12:41.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-33320 (GCVE-0-2022-33320)
Vulnerability from cvelistv5 – Published: 2022-07-20 16:56 – Updated: 2026-01-09 05:16
VLAI
Summary
Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.
Severity
7.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulne… | vendor-advisory |
| https://jvn.jp/vu/JVNVU96480474/index.html | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mitsubishi Electric | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite |
Affected:
Versions 10.97 to 10.97.1
|
|
| Mitsubishi Electric | MC Works64 |
Affected:
Versions 4.04E and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:21.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "Versions 10.97 to 10.97.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "Versions 4.04E and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes."
}
],
"value": "Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T05:16:27.798Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-33320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64",
"version": {
"version_data": [
{
"version_value": "ICONICS GENESIS64 versions 10.97.1 and prior"
},
{
"version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU96480474/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU96480474/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-33320",
"datePublished": "2022-07-20T16:56:24.000Z",
"dateReserved": "2022-06-14T00:00:00.000Z",
"dateUpdated": "2026-01-09T05:16:27.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phases: Architecture and Design, Implementation
Description:
- If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.
Mitigation
Phase: Implementation
Description:
- When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.
Mitigation
Phase: Implementation
Description:
- Explicitly define a final object() to prevent deserialization.
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Make fields transient to protect them from deserialization.
- An attempt to serialize and then deserialize a class containing transient fields will result in NULLs where the transient data should be. This is an excellent way to prevent time, environment-based, or sensitive variables from being carried over and used improperly.
Mitigation
Phase: Implementation
Description:
- Avoid having unnecessary types or gadgets (a sequence of instances and method invocations that can self-execute during the deserialization process, often found in libraries) available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Employ cryptography of the data or code for protection. However, it's important to note that it would still be client-side security. This is risky because if the client is compromised then the security implemented on the client (the cryptography) can be bypassed.
Mitigation ID: MIT-29
Phase: Operation
Strategy: Firewall
Description:
- Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-586: Object Injection
An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.