CVE-2022-24296

🗓️ 08 Jun 2022 14:11:50Reported by MitsubishiType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 75 Views

Use of Broken Cryptographic Algorithm vuln in various Air Conditioning Systems allows remote unauthenticated attacker to sniff encrypted communication

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-24296	8 Jun 202215:15	–	attackerkb
Circl	CVE-2022-24296	8 Jun 202218:32	–	circl
CNNVD	Mitsubishi Electric Air Conditioning System 加密问题漏洞	8 Jun 202200:00	–	cnnvd
Cvelist	CVE-2022-24296	8 Jun 202214:11	–	cvelist
EUVD	EUVD-2022-29197	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric Air Conditioning Systems	9 Jun 202200:00	–	ics
NVD	CVE-2022-24296	8 Jun 202215:15	–	nvd
OSV	CVE-2022-24296	8 Jun 202215:15	–	osv
Prion	Design/Logic Flaw	8 Jun 202215:15	–	prion
RedhatCVE	CVE-2022-24296	22 May 202522:11	–	redhatcve

NVD

Node

mitsubishi ae-200a_firmwareRange≤7.97

AND

mitsubishi ae-200aMatch-

Node

mitsubishi ae-200e_firmwareRange≤7.97

AND

mitsubishi ae-200eMatch-

Node

mitsubishi ae-200j_firmwareRange≤7.97

AND

mitsubishi ae-200jMatch-

Node

mitsubishi ae-50a_firmwareRange≤7.97

AND

mitsubishi ae-50aMatch-

Node

mitsubishi ae-50e_firmwareRange≤7.97

AND

mitsubishi ae-50eMatch-

Node

mitsubishi ae-50j_firmwareRange≤7.97

AND

mitsubishi ae-50jMatch-

Node

mitsubishi ag-150a-a_firmwareRange≤3.21

AND

mitsubishi ag-150a-aMatch-

Node

mitsubishi ag-150a-j_firmwareRange≤3.21

AND

mitsubishi ag-150a-jMatch-

Node

mitsubishi eb-50gu-a_firmwareRange≤7.10

AND

mitsubishi eb-50gu-aMatch-

Node

mitsubishi eb-50gu-j_firmwareRange≤7.10

AND

mitsubishi eb-50gu-jMatch-

Node

mitsubishi ew-50a_firmwareRange≤7.97

AND

mitsubishi ew-50aMatch-

Node

mitsubishi ew-50e_firmwareRange≤7.97

AND

mitsubishi ew-50eMatch-

Node

mitsubishi ew-50j_firmwareRange≤7.97

AND

mitsubishi ew-50jMatch-

Node

mitsubishi g-150ad_firmwareRange≤3.21

AND

mitsubishi g-150adMatch-

Node

mitsubishi gb-50a_firmwareRange≤3.21

AND

mitsubishi gb-50aMatch-

Node

mitsubishi gb-50ada-a_firmwareRange≤3.21

AND

mitsubishi gb-50ada-aMatch-

Node

mitsubishi gb-50ada-j_firmwareRange≤3.21

AND

mitsubishi gb-50ada-jMatch-

Node

mitsubishi te-200a_firmwareRange≤7.97

AND

mitsubishi te-200aMatch-

Node

mitsubishi te-50a_firmwareRange≤7.97

AND

mitsubishi te-50aMatch-

Node

mitsubishi tw-50a_firmwareRange≤7.97

AND

mitsubishi tw-50aMatch-

[
  {
    "product": "Air Conditioning System G-150AD; Air Conditioning System AG-150A-A; Air Conditioning System AG-150A-J; Air Conditioning System GB-50AD; Air Conditioning System GB-50ADA-A; Air Conditioning System GB-50ADA-J; Air Conditioning System EB-50GU-A; Air Conditioning System EB-50GU-J; Air Conditioning System AE-200J; Air Conditioning System AE-200A; Air Conditioning System AE-200E; Air Conditioning System AE-50J; Air Conditioning System AE-50A; Air Conditioning System AE-50E; Air Conditioning System EW-50J; Air Conditioning System EW-50A; Air Conditioning System EW-50E; Air Conditioning System TE-200A; Air Conditioning System TE-50A; Air Conditioning System TW-50A",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Air Conditioning System G-150AD Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AG-150A-A Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AG-150A-J Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System GB-50AD Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System GB-50ADA-A Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System GB-50ADA-J Ver. 3.21 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System EB-50GU-A Ver. 7.10 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System EB-50GU-J Ver. 7.10 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-200J Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-200A Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-200E Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-50J Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-50A Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System AE-50E Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System EW-50J Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System EW-50A Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System EW-50E Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System TE-200A Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System TE-50A Ver. 7.97 and prior"
      },
      {
        "status": "affected",
        "version": "Air Conditioning System TW-50A Ver. 7.97 and prior"
      }
    ]
  }
]

Source	Link
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf
jvn	www.jvn.jp/vu/JVNVU95298925/index.html
mee	www.mee.co.jp/psirt/vulnerability/pdf/2022-001.pdf

21 Nov 2024 06:50Current

7.5High risk

Vulners AI Score7.5

CVSS 25

CVSS 3.17.5

EPSS0.0024

CWE-327