CVE-2022-24946

🗓️ 15 Jun 2022 20:18:35Reported by MitsubishiType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 86 Views

Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions "05" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2022-24946	15 Jun 202221:15	–	attackerkb
CNNVD	Mitsubishi Electric MELSEC-Q Series 安全漏洞	15 Jun 202200:00	–	cnnvd
CNVD	Mitsubishi Electric MELSEC-Q Series Denial of Service Vulnerability	17 Jun 202200:00	–	cnvd
Cvelist	CVE-2022-24946	15 Jun 202220:18	–	cvelist
EUVD	EUVD-2022-29701	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)	14 Jun 202206:00	–	ics
NVD	CVE-2022-24946	15 Jun 202221:15	–	nvd
Prion	Design/Logic Flaw	15 Jun 202221:15	–	prion
Positive Technologies	PT-2022-17002 · Mitsubishi · Melsec Q Series Q04/06/13/26Udpvcpu +10	15 Jun 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-24946	23 May 202501:09	–	redhatcve

NVD

Node

mitsubishielectric q03udecpu_firmwareMatch-

AND

mitsubishielectric q03udecpuMatch-

Node

mitsubishielectric q04udehcpu_firmwareMatch-

AND

mitsubishielectric q04udehcpuMatch-

Node

mitsubishielectric q04udpvcpu_firmwareMatch-

AND

mitsubishielectric q04udpvcpuMatch-

Node

mitsubishielectric q04udvcpu_firmwareMatch-

AND

mitsubishielectric q04udvcpuMatch-

Node

mitsubishielectric q100udehcpu_firmwareMatch-

AND

mitsubishielectric q100udehcpuMatch-

Node

mitsubishielectric q50udehcpu_firmwareMatch-

AND

mitsubishielectric q50udehcpuMatch-

Node

mitsubishielectric q26dhccpu-ls_firmwareMatch-

AND

mitsubishielectric q26dhccpu-lsMatch-

Node

mitsubishielectric q26udehcpu_firmwareMatch-

AND

mitsubishielectric q26udehcpuMatch-

Node

mitsubishielectric q26udpvcpu_firmwareMatch-

AND

mitsubishielectric q26udpvcpuMatch-

Node

mitsubishielectric q26udvcpu_firmwareMatch-

AND

mitsubishielectric q26udvcpuMatch-

Node

mitsubishielectric q20udehcpu_firmwareMatch-

AND

mitsubishielectric q20udehcpuMatch-

Node

mitsubishielectric q13udehcpu_firmwareMatch-

AND

mitsubishielectric q13udehcpuMatch-

Node

mitsubishielectric q13udpvcpu_firmwareMatch-

AND

mitsubishielectric q13udpvcpuMatch-

Node

mitsubishielectric q13udvcpu_firmwareMatch-

AND

mitsubishielectric q13udvcpuMatch-

Node

mitsubishielectric q10udehcpu_firmwareMatch-

AND

mitsubishielectric q10udehcpuMatch-

Node

mitsubishielectric q06ccpu-v_firmwareMatch-

AND

mitsubishielectric q06ccpu-vMatch-

Node

mitsubishielectric q06phcpu_firmwareMatch-

AND

mitsubishielectric q06phcpuMatch-

Node

mitsubishielectric q06udehcpu_firmwareMatch-

AND

mitsubishielectric q06udehcpuMatch-

Node

mitsubishielectric q06udpvcpu_firmwareMatch-

AND

mitsubishielectric q06udpvcpuMatch-

Node

mitsubishielectric q06udvcpu_firmwareMatch-

AND

mitsubishielectric q06udvcpuMatch-

Node

mitsubishielectric l02cpu_firmwareMatch-

AND

mitsubishielectric l02cpuMatch-

Node

mitsubishielectric l02cpu-p_firmwareMatch-

AND

mitsubishielectric l02cpu-pMatch-

Node

mitsubishielectric l02scpu_firmwareMatch-

AND

mitsubishielectric l02scpuMatch-

Node

mitsubishielectric l02scpu-p_firmwareMatch-

AND

mitsubishielectric l02scpu-pMatch-

Node

mitsubishielectric l06cpu_firmwareMatch-

AND

mitsubishielectric l06cpuMatch-

Node

mitsubishielectric l06cpu-p_firmwareMatch-

AND

mitsubishielectric l06cpu-pMatch-

Node

mitsubishielectric l26cpu_firmwareMatch-

AND

mitsubishielectric l26cpuMatch-

Node

mitsubishielectric l26cpu-(p)bt_firmwareMatch-

AND

mitsubishielectric l26cpu-(p)btMatch-

Node

mitsubishielectric l26cpu-bt_firmwareMatch-

AND

mitsubishielectric l26cpu-btMatch-

Node

mitsubishielectric l26cpu-bt-cm_firmwareMatch-

AND

mitsubishielectric l26cpu-bt-cmMatch-

Node

mitsubishielectric l26cpu-p_firmwareMatch-

AND

mitsubishielectric l26cpu-pMatch-

Node

mitsubishielectric l26cpu-pbt_firmwareMatch-

AND

mitsubishielectric l26cpu-pbtMatch-

[
  {
    "product": "Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V; Mitsubishi Electric MELSEC-Q Series Q03UDECPU; Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU; Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU; Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU; Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V; Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G); Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS; Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P); Mitsubishi Electric MELSEC-L series L26CPU-(P)BT; Mitsubishi Electric MELIPC Series MI5122-VW",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions \"16\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. \"24061\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. \"24061\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number \"24051\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number \"24051\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number \"24051\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number \"24051\" and prior"
      },
      {
        "status": "affected",
        "version": "Mitsubishi Electric MELIPC Series MI5122-VW firmware versions \"05\" and prior"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/vu/JVNVU90895626/index.html
cisa	www.cisa.gov/uscert/ics/advisories/icsa-22-172-01
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-007_en.pdf