CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS
Percentile: 69.2%

Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number 24051 and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number 24051 and prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number 24051 and prior and Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number 24051 and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(500662);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id("CVE-2022-24946");
script_xref(name:"ICSA", value:"22-172-01");
script_name(english:"Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series Improper Resource Locking (CVE-2022-24946)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Improper Resource Locking vulnerability in Mitsubishi Electric
MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q
Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi
Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of
serial number 24051 and prior, Mitsubishi Electric MELSEC-Q Series
Q04/06/13/26UDPVCPU the first 5 digits of serial number 24051 and
prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first
5 digits of serial number 24051 and prior and Mitsubishi Electric
MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number
24051 and prior allows a remote unauthenticated attacker to cause a
denial of service (DoS) condition in Ethernet communications by
sending specially crafted packets. A system reset of the products is
required for recovery.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
# https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-007_en.pdf
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?53bebf4a");
script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU90895626/index.html");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-172-01");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Mitsubishi has fixed the vulnerability in the following products:
- MELSEC CPU models
  - iQ-R Series
    - R12CCPU-V: Firmware Version 17 or later
  - Q Series
    - Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: Versions with the first 5 digits of serial No. 24062 or later
    - Q03/04/06/13/26UDVCPU: Versions with the first 5 digits of serial No. 24052 or later
    - Q04/06/13/26UDPVCPU: Versions with the first 5 digits of serial No. 24052 or later
  - L-Series
    - L02/06/26CPU(-P), L26CPU-(P)BT: Versions with the first 5 digits of serial No. 24052 or later
- MELIPC Series
  - MI5122-VW: Firmware Version 06 or later
Mitsubishi Electric reports that additional fixes for more hardware versions are coming in the near future. Mitsubishi's
recommendations for mitigating the risk of this vulnerability match those of CISA.
For additional information, see the Mitsubishi Electric security advisory.
Please contact Mitsubishi Electric customer support for more information on how to update specific hardware.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24946");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(667);
script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/15");
script_set_attribute(attribute:"patch_publication_date", value:"2022/06/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/07/05");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l02cpu-p_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l02cpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l02scpu-p_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l02scpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l06cpu-p_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l06cpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu-%28p%29bt_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu-bt-cm_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu-bt_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu-p_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu-pbt_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:l26cpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q03udecpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q04udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q04udpvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q04udvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q06ccpu-v_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q06phcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q06udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q06udpvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q06udvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q100udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q10udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q13udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q13udpvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q13udvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q20udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q26dhccpu-ls_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q26udehcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q26udpvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q26udvcpu_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:q50udehcpu_firmware:-");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Mitsubishi");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Mitsubishi');
var asset = tenable_ot::assets::get(vendor:'Mitsubishi');
var vuln_cpes = {
"cpe:/o:mitsubishielectric:q03udecpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q04udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q04udpvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q04udvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q100udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q50udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q26dhccpu-ls_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q26udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q26udpvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q26udvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q20udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q13udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q13udpvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q13udvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q10udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q06ccpu-v_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q06phcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q06udehcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q06udpvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:q06udvcpu_firmware:-" :
{"family" : "MELSECQ"},
"cpe:/o:mitsubishielectric:l02cpu_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l02cpu-p_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l02scpu_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l02scpu-p_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l06cpu_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l06cpu-p_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu-%28p%29bt_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu-bt_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu-bt-cm_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu-p_firmware:-" :
{"family" : "MELSECL"},
"cpe:/o:mitsubishielectric:l26cpu-pbt_firmware:-" :
{"family" : "MELSECL"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
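
The `vuln_cpes` table above lists models without a serial threshold, so a flagged asset still has to be compared with the fixed-from serial prefixes in the solution text. The following Python helper is an added example, not part of the Tenable plugin or of Mitsubishi Electric's tooling; it expands the advisory's model shorthand and triages an asset inventory. The function names, the inventory rows and the numeric comparison of the five-digit prefix are assumptions of this example, and the iQ-R and MELIPC entries (fixed by firmware version, not serial) are left out.

```python
import re

# Fixed-from serial prefixes (first five digits) from the solution text above.
FIXED_FROM = {
    "Q03UDECPU": 24062,
    "Q04/06/10/13/20/26/50/100UDEHCPU": 24062,
    "Q03/04/06/13/26UDVCPU": 24052,
    "Q04/06/13/26UDPVCPU": 24052,
    "L02/06/26CPU(-P)": 24052,
    "L26CPU-(P)BT": 24052,
}

def expand(group):
    """Expand advisory shorthand such as 'L02/06/26CPU(-P)' into model names."""
    series, numbers, suffix = re.fullmatch(r"([A-Z])([\d/]+)(.*)", group).groups()
    optional = re.search(r"\(([^)]*)\)", suffix)
    suffixes = [suffix]
    if optional:  # a parenthesised part means "with and without it"
        suffixes = [suffix.replace(optional.group(0), part)
                    for part in ("", optional.group(1))]
    return {f"{series}{n}{s}" for n in numbers.split("/") for s in suffixes}

MODEL_FIXED_FROM = {m: t for g, t in FIXED_FROM.items() for m in expand(g)}

def triage(model, serial):
    """Classify one asset as not-listed, unknown-serial, affected or fixed."""
    threshold = MODEL_FIXED_FROM.get(model.strip().upper())
    if threshold is None:
        return "not-listed"
    prefix = re.match(r"\d{5}", (serial or "").strip())
    if prefix is None:  # no readable serial: needs manual review
        return "unknown-serial"
    # Assumption: the five-digit prefix orders numerically ("24051 and prior").
    return "affected" if int(prefix.group(0)) < threshold else "fixed"

INVENTORY = [  # constructed sample rows: (asset name, model, serial)
    ("line1-plc", "Q03UDECPU", "240610000000000"),
    ("line2-plc", "Q06UDVCPU", "240520000000000"),
    ("pack-plc", "L26CPU-PBT", "230110000000000"),
    ("lab-plc", "L02CPU-P", ""),
    ("hmi-gw", "R04CPU", "123450000000000"),
]

def report(inventory):
    return {name: triage(model, serial) for name, model, serial in inventory}

if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(f"{name:10} {status}")
```

Rows reported as `unknown-serial` need the serial confirmed by hand before the asset can be treated as fixed.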