Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_MITSUBISHI_CVE-2022-25158.NASLHistoryApr 28, 2022 - 12:00 a.m.
Mitsubishi Electric FA Products Cleartext Storage of Sensitive Information (CVE-2022-25158)
2022-04-2800:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
42
mitsubishi electric
fa products
vulnerability
cleartext storage
sensitive information
cve-2022-25158
melsec iq-f series
fx5u(c) cpu
fx5uj cpu
tenable
ot asset
remote
disclosure
tamper
file
password hash
cleartext
vpn
firewalls
ip filter
cisa
advisory
exploitation
mitigation
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9.3
Confidence
High
EPSS
0.002
Percentile
56.3%
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U© CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or tamper with a file in which password hash is saved in cleartext.
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(500645);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id("CVE-2022-25158");
script_xref(name:"ICSA", value:"22-090-04");
script_name(english:"Mitsubishi Electric FA Products Cleartext Storage of Sensitive Information (CVE-2022-25158)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all
versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or
tamper with a file in which password hash is saved in cleartext.
This plugin only works with Tenable.ot. Please visit
https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU96577897/index.html");
# https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b01f6da0");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04");
script_set_attribute(attribute:"solution", value:
'The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Mitsubishi Electric recommends users take the following mitigation measures to minimize the risk of exploitation of
these vulnerabilities:
- When communicating via untrusted networks or hosts, encrypt the communication path by setting up a VPN.
- Use firewalls or IP filter function to restrict connections to the products and prevent access from untrusted networks
or hosts. For details on IP filter function, refer to the following product manual:
- â12.1 IP Filter Functionâ in the MELSEC iQ-F FX 5 Userâs Manual (Ethernet Communication)
- "IP filter" of "1.13 Security" in the MELSEC iQ-R Ethernet User\'s Manual (Application)
- "IP Filter Function" of "6.2 Security Function" in the MELSEC iQ-R Motion Controller Programming Manual (Common)
- "IP filter" of "1.4 Security" in the MELSEC iQ-R CC-Link IE TSN User\'s Manual (Application)
- "IP filter" of "9.5 Security" in the MELSEC iQ-R CC-Link IE TSN Plus Master/Local Module Userâs Manual
- "14.3 IP Filter Function" in the Q Corresponding Ethernet Interface Module User\'s Manual (Basic)
- "14.3 IP Filter Function" in the MELSEC-L Ethernet Interface Module User\'s Manual (Basic)
For more information see Mitsubishi Electricâs advisory 2021-031');
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-25158");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(312);
script_set_attribute(attribute:"vuln_publication_date", value:"2022/04/01");
script_set_attribute(attribute:"patch_publication_date", value:"2022/04/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/28");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc-32mr%2fds-ts_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc-32mt%2fd_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc-32mt%2fds-ts_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss-ts_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uc_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-24mr%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-24mt%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-24mt%2fess_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-40mr%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-40mt%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-40mt%2fess_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-60mr%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-60mt%2fes_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj-60mt%2fess_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:fx5uj_firmware:-");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Mitsubishi");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Mitsubishi');
var asset = tenable_ot::assets::get(vendor:'Mitsubishi');
var vuln_cpes = {
"cpe:/o:mitsubishielectric:fx5uc_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uc-32mr%2fds-ts_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uc-32mt%2fd_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-24mr%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-24mt%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-24mt%2fess_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-40mr%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-40mt%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-40mt%2fess_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-60mr%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-60mt%2fes_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj-60mt%2fess_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss-ts_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uc-32mt%2fds-ts_firmware:-" :
{"family" : "MELSECiQF"},
"cpe:/o:mitsubishielectric:fx5uj_firmware:-" :
{"family" : "MELSECiQF"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
Related
cve
cve
CVE-2022-25158
2022-04-01 23:15:14
prion
prion
Design/Logic Flaw
2022-04-01 23:15:00
ptsecurity
ptsecurity
nvd
nvd
CVE-2022-25158
2022-04-01 23:15:14
cvelist
cvelist
CVE-2022-25158
2022-04-01 22:18:01
ics
ics
Mitsubishi Electric FA Products (Update A)
2022-06-01 12:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9.3
Confidence
High
EPSS
0.002
Percentile
56.3%
Related for TENABLE_OT_MITSUBISHI_CVE-2022-25158.NASL