Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2022-33324

Disclosure Date: December 23, 2022
CVE-2022-33324 CVSS v3 Base Score: 7.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions “32” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions “65” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions “29” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions “08” and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions “17” and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions “05” and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions “07” and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
MELSEC iQ-R Series R00CPU Firmware versions "32" and prior
MELSEC iQ-R Series R01CPU Firmware versions "32" and prior
MELSEC iQ-R Series R02CPU Firmware versions "32" and prior
MELSEC iQ-R Series R04CPU Firmware versions "65" and prior
MELSEC iQ-R Series R08CPU Firmware versions "65" and prior
MELSEC iQ-R Series R16CPU Firmware versions "65" and prior
MELSEC iQ-R Series R32CPU Firmware versions "65" and prior
MELSEC iQ-R Series R120CPU Firmware versions "65" and prior
MELSEC iQ-R Series R04ENCPU Firmware versions "65" and prior
MELSEC iQ-R Series R08ENCPU Firmware versions "65" and prior
MELSEC iQ-R Series R16ENCPU Firmware versions "65" and prior
MELSEC iQ-R Series R32ENCPU Firmware versions "65" and prior
MELSEC iQ-R Series R120ENCPU Firmware versions "65" and prior
MELSEC iQ-R Series R08SFCPU Firmware versions "29" and prior
MELSEC iQ-R Series R16SFCPU Firmware versions "29" and prior
MELSEC iQ-R Series R32SFCPU Firmware versions "29" and prior
MELSEC iQ-R Series R120SFCPU Firmware versions "29" and prior
MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior
MELSEC iQ-L Series L04HCPU Firmware versions "05" and prior
MELSEC iQ-L Series L08HCPU Firmware versions "05" and prior
MELSEC iQ-L Series L16HCPU Firmware versions "05" and prior
MELSEC iQ-L Series L32HCPU Firmware versions "05" and prior
MELIPC Series MI5122-VW Firmware versions "07" and prior
MELSEC iQ-R Series R08PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R16PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R32PSFCPU Firmware versions "08" and prior
MELSEC iQ-R Series R120PSFCPU Firmware versions "08" and prior
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis