Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2022-25161

Disclosure Date: May 18, 2022
CVE-2022-25161 CVSS v3 Base Score: 8.6
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073, MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031 and Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000 allows a remote unauthenticated attacker to cause a DoS condition for the product’s program execution or communication by sending specially crafted packets. System reset of the product is required for recovery.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
8.6 High
Impact Score:
4
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Changed
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031
Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

Products

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis