CVE-2022-33324

Published: Dic 23, 2022 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2022-36367 Aliases: GSD-2022-33324
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions '32' and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions '65' and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions '29' and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions '08' and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions '17' and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions '05' and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions '07' and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0147
Percentile
0,8th
Updated

EPSS Score Trend (Last 90 Days)

404

Improper Resource Shutdown or Release

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Other Confidentiality
Potential Impacts:
Dos: Resource Consumption (Other) Varies By Context Read Application Data
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Medium
View CWE Details
Operating System

Melsec Iq-R R04 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R04 Cpu Firmware
Version Range Affected
To 66.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r04_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-L L04 Hcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-L L04 Hcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-l_l04_hcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R120 Sfcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R120 Sfcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R08 Sfcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R08 Sfcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R32 Sfcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R32 Sfcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melipc Mi5122-Vw Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melipc Mi5122-Vw Firmware
cpe:2.3:o:mitsubishi:melipc_mi5122-vw_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R32 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R32 Cpu Firmware
Version Range Affected
To 66.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R16 Sfcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R16 Sfcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R120 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R120 Cpu Firmware
Version Range Affected
To 66.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R04 Sfcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R04 Sfcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r04_sfcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R02 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R02 Cpu Firmware
Version Range Affected
To 33.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r02_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R16 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R16 Cpu Firmware
Version Range Affected
To 66.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-L L32 Hcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-L L32 Hcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-l_l32_hcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R01 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R01 Cpu Firmware
Version Range Affected
To 33.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r01_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R08 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R08 Cpu Firmware
Version Range Affected
To 66.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R12 Ccpu-V Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R12 Ccpu-V Firmware
cpe:2.3:o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-L L16 Hcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-L L16 Hcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-l_l16_hcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-L L08 Hcpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-L L08 Hcpu Firmware
cpe:2.3:o:mitsubishi:melsec_iq-l_l08_hcpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Melsec Iq-R R00 Cpu Firmware by Mitsubishi

Product Information
Vendor Mitsubishi
Product Melsec Iq-R R00 Cpu Firmware
Version Range Affected
To 33.0 (exclusive)
cpe:2.3:o:mitsubishi:melsec_iq-r_r00_cpu_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://jvn.jp/vu/JVNVU96883262
Third Party Advisory
https://jvn.jp/vu/JVNVU96883262
https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03
Patch Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/p…
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf
https://jvn.jp/vu/JVNVU96883262
Third Party Advisory
https://jvn.jp/vu/JVNVU96883262
https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03
Patch Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/p…
Vendor Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf