4 matches found
Mitsubishi Electric FA Products Use of Password Hash Instead of Password For Authentication (CVE-2022-25157)
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to disclose or tamper with the information in the...
CVE-2022-25157
creationtimestamp| type| source ---|---|--- 2022-04-02 02:20:25+00:00| seen| https://t.me/cibsecurity/40042...
CVE-2022-25157
CVE-2022-25157 affects Mitsubishi Electric MELSEC iQ-F/R/Q/L series (e.g., FX5U/FX5UJ, R00/01/02/04/08/16/32/120, Q, L lines and related RJ/J/Q modules). The vulnerability arises from using a password hash instead of the actual password for authentication, enabling a remote, unauthenticated attac...
Mitsubishi Electric FA Products
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: FA products Vulnerabilities: Use of Password Hash Instead of Password for Authentication, Use of Weak Hash, Cleartext Storage of Sensitive Information, Authentication Bypass by Capture-replay...