GSD-2022-33324
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-33324",
"description": "Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.",
"id": "GSD-2022-33324"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-33324"
],
"details": "Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.",
"id": "GSD-2022-33324",
"modified": "2023-12-13T01:19:24.207686Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2022-33324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R Series R00CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"32\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R01CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"32\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R02CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"32\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R04(EN)CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"65\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R08(EN)CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"65\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R16(EN)CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"65\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R32(EN)CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"65\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R120(EN)CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"65\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R08SFCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"29\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R16SFCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"29\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R32SFCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"29\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R120SFCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"29\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R12CCPU-V",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Firmware versions \"17\" and prior"
}
]
}
},
{
"product_name": "MELSEC iQ-L Series L04HCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "MELSEC iQ-L Series L08HCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "MELSEC iQ-L Series L16HCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "MELSEC iQ-L Series L32HCPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "MELIPC Series MI5122-VW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions \"17\" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-404",
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU96883262",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU96883262"
},
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r00_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC979CD-10C3-400C-A7EA-9E9B3637E1D7",
"versionEndExcluding": "33.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r00_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6B7E9C-C56C-4452-9A8A-3E8BF51ED354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r01_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E13BF4F-3D5A-4FAD-BCD8-7261920AE06F",
"versionEndExcluding": "33.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r01_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "560D6AFE-4CDC-40D0-8C35-6749375B9B3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r02_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60BEF351-E337-4302-8D82-E90B2834370F",
"versionEndExcluding": "33.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r02_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D5746A-B9BC-4A4C-AF09-D2B16D54BF4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r04_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B733AD2-E857-47F4-89D5-A8F8B45F4A52",
"versionEndExcluding": "66.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r04_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6B52DA-0EF4-46BF-A36D-92F717F70987",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94D88549-B35E-4E27-84D1-3A828604BAED",
"versionEndExcluding": "66.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r08_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4496AD-1EFC-4B1D-8122-799FA34B40CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64A9C5A6-401D-4E28-A0DB-0BCD84B4E62B",
"versionEndExcluding": "66.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r16_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42D2F8-7856-4983-8FA9-0421E039AE8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F397671-FF15-45B0-8CEE-BC807B402019",
"versionEndExcluding": "66.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r32_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D73C1A-3B81-4E81-A56D-0A75CEA4F92C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2250E2-BDB4-4D12-BE4A-9BFBE83736D6",
"versionEndExcluding": "66.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r120_cpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB4326B-B4F4-40DD-8220-204D490FFB38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r04_sfcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "608399AA-EC27-4AB2-B78A-1EF604CE9B9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r04_sfcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A654F03D-CBAC-45FB-8E5D-248E170C0AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31AC9FB9-1E38-4F72-8C5F-C92D47A859CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r08_sfcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "781540CA-FCA3-4AA6-8A10-8534C31B34DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2670099B-E05E-4918-B509-8D501CB60DD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r120_sfcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34AA698B-A83A-4844-8E6C-7A674FEACC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D581B2C-94BC-4BBD-B4D2-EC5D4A6503D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r16_sfcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98C064-A2E6-435C-8EB8-02E51B66ABA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C64BD2-E3E1-42BE-A05F-4AB4EA067BF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r32_sfcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "293AD605-CF64-4136-820D-CCA74979534C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD61A664-AB0A-404D-894D-B8923F00F0F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r12_ccpu-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A9F81B-DA09-483C-899C-05714192031E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melipc_mi5122-vw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A44C7C-6ABE-42B3-AAE9-D946FA0F35AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melipc_mi5122-vw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C853C13A-91EB-473A-A170-41CD2FF71D67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l04_hcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F615AE5-A216-4EED-813A-F530AD7BE225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l04_hcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41167484-1F65-44C1-AB44-FCAAC7CC0D13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l08_hcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA81031-EA3F-435A-B65C-8110061DA134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l08_hcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE70487-E8F3-48D7-A4B7-FD85CFACDE81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l16_hcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA0255C-5233-485C-A997-606094D90486",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l16_hcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C91C52A-6ECB-498C-9DB9-563B6E6C6D70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l32_hcpu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70B58655-D030-4ED1-B412-56F025B069D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l32_hcpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB3495-4859-4935-AB75-549A67E61D43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions \"17\" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery."
}
],
"id": "CVE-2022-33324",
"lastModified": "2023-12-13T05:15:07.773",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"type": "Secondary"
}
]
},
"published": "2022-12-23T03:15:08.723",
"references": [
{
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/vu/JVNVU96883262"
},
{
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03"
},
{
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf"
}
],
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…