Lucene search

[email protected]NVD:CVE-2022-24946

HistoryJun 15, 2022 - 9:15 p.m.

CVE-2022-24946

2022-06-1521:15:09

CWE-667

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

69.3%

JSON

Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions “16” and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. “24061” and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. “24061” and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number “24051” and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions “05” and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery.

Affected configurations

NVD

Node

mitsubishielectricq03udecpu_firmwareMatch-

AND

mitsubishielectricq03udecpuMatch-

Node

mitsubishielectricq04udehcpu_firmwareMatch-

AND

mitsubishielectricq04udehcpuMatch-

Node

mitsubishielectricq04udpvcpu_firmwareMatch-

AND

mitsubishielectricq04udpvcpuMatch-

Node

mitsubishielectricq04udvcpu_firmwareMatch-

AND

mitsubishielectricq04udvcpuMatch-

Node

mitsubishielectricq100udehcpu_firmwareMatch-

AND

mitsubishielectricq100udehcpuMatch-

Node

mitsubishielectricq50udehcpu_firmwareMatch-

AND

mitsubishielectricq50udehcpuMatch-

Node

mitsubishielectricq26dhccpu-ls_firmwareMatch-

AND

mitsubishielectricq26dhccpu-lsMatch-

Node

mitsubishielectricq26udehcpu_firmwareMatch-

AND

mitsubishielectricq26udehcpuMatch-

Node

mitsubishielectricq26udpvcpu_firmwareMatch-

AND

mitsubishielectricq26udpvcpuMatch-

Node

mitsubishielectricq26udvcpu_firmwareMatch-

AND

mitsubishielectricq26udvcpuMatch-

Node

mitsubishielectricq20udehcpu_firmwareMatch-

AND

mitsubishielectricq20udehcpuMatch-

Node

mitsubishielectricq13udehcpu_firmwareMatch-

AND

mitsubishielectricq13udehcpuMatch-

Node

mitsubishielectricq13udpvcpu_firmwareMatch-

AND

mitsubishielectricq13udpvcpuMatch-

Node

mitsubishielectricq13udvcpu_firmwareMatch-

AND

mitsubishielectricq13udvcpuMatch-

Node

mitsubishielectricq10udehcpu_firmwareMatch-

AND

mitsubishielectricq10udehcpuMatch-

Node

mitsubishielectricq06ccpu-v_firmwareMatch-

AND

mitsubishielectricq06ccpu-vMatch-

Node

mitsubishielectricq06phcpu_firmwareMatch-

AND

mitsubishielectricq06phcpuMatch-

Node

mitsubishielectricq06udehcpu_firmwareMatch-

AND

mitsubishielectricq06udehcpuMatch-

Node

mitsubishielectricq06udpvcpu_firmwareMatch-

AND

mitsubishielectricq06udpvcpuMatch-

Node

mitsubishielectricq06udvcpu_firmwareMatch-

AND

mitsubishielectricq06udvcpuMatch-

Node

mitsubishielectricl02cpu_firmwareMatch-

AND

mitsubishielectricl02cpuMatch-

Node

mitsubishielectricl02cpu-p_firmwareMatch-

AND

mitsubishielectricl02cpu-pMatch-

Node

mitsubishielectricl02scpu_firmwareMatch-

AND

mitsubishielectricl02scpuMatch-

Node

mitsubishielectricl02scpu-p_firmwareMatch-

AND

mitsubishielectricl02scpu-pMatch-

Node

mitsubishielectricl06cpu_firmwareMatch-

AND

mitsubishielectricl06cpuMatch-

Node

mitsubishielectricl06cpu-p_firmwareMatch-

AND

mitsubishielectricl06cpu-pMatch-

Node

mitsubishielectricl26cpu_firmwareMatch-

AND

mitsubishielectricl26cpuMatch-

Node

mitsubishielectricl26cpu-\(p\)bt_firmwareMatch-

AND

mitsubishielectricl26cpu-\(p\)btMatch-

Node

mitsubishielectricl26cpu-bt_firmwareMatch-

AND

mitsubishielectricl26cpu-btMatch-

Node

mitsubishielectricl26cpu-bt-cm_firmwareMatch-

AND

mitsubishielectricl26cpu-bt-cmMatch-

Node

mitsubishielectricl26cpu-p_firmwareMatch-

AND

mitsubishielectricl26cpu-pMatch-

Node

mitsubishielectricl26cpu-pbt_firmwareMatch-

AND

mitsubishielectricl26cpu-pbtMatch-

References

jvn.jp/vu/JVNVU90895626/index.html

www.cisa.gov/uscert/ics/advisories/icsa-22-172-01

www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-007_en.pdf

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for NVD:CVE-2022-24946

cve1 ics1 cvelist1 nessus1 prion1 cnvd1