CVE-2022-33324

{"id": "CVE-2022-33324", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-12-23T03:15:08.723", "references": [{"url": "https://jvn.jp/vu/JVNVU96883262", "tags": ["Third Party Advisory"], "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf", "tags": ["Vendor Advisory"], "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"}, {"url": "https://jvn.jp/vu/JVNVU96883262", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "description": [{"lang": "en", "value": "CWE-404"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-404"}]}], "descriptions": [{"lang": "en", "value": "Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions \"08\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions \"17\" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions \"05\" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions \"07\" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery."}, {"lang": "es", "value": "Vulnerabilidad de liberaci\u00f3n o cierre incorrecto de recursos en Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versiones \"32\" y anteriores, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware Versiones \"65\" y anteriores, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Versiones de firmware \"29\" y anteriores, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V todas las versiones, Mitsubishi Electric Corporation MELSEC iQ- Serie L L04/08/16/32HCPU todas las versiones y Mitsubishi Electric Corporation MELIPC Serie MI5122-VW todas las versiones permiten a un atacante remoto no autenticado provocar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en la comunicaci\u00f3n Ethernet en el m\u00f3dulo mediante el env\u00edo de paquetes especialmente manipulados. Se requiere un reinicio del sistema del m\u00f3dulo para la recuperaci\u00f3n."}], "lastModified": "2024-11-21T07:08:11.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r00_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFC979CD-10C3-400C-A7EA-9E9B3637E1D7", "versionEndExcluding": "33.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r00_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC6B7E9C-C56C-4452-9A8A-3E8BF51ED354"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r01_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E13BF4F-3D5A-4FAD-BCD8-7261920AE06F", "versionEndExcluding": "33.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r01_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "560D6AFE-4CDC-40D0-8C35-6749375B9B3C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r02_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60BEF351-E337-4302-8D82-E90B2834370F", "versionEndExcluding": "33.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r02_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4D5746A-B9BC-4A4C-AF09-D2B16D54BF4D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r04_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B733AD2-E857-47F4-89D5-A8F8B45F4A52", "versionEndExcluding": "66.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r04_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA6B52DA-0EF4-46BF-A36D-92F717F70987"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94D88549-B35E-4E27-84D1-3A828604BAED", "versionEndExcluding": "66.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r08_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF4496AD-1EFC-4B1D-8122-799FA34B40CB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64A9C5A6-401D-4E28-A0DB-0BCD84B4E62B", "versionEndExcluding": "66.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r16_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA42D2F8-7856-4983-8FA9-0421E039AE8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F397671-FF15-45B0-8CEE-BC807B402019", "versionEndExcluding": "66.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r32_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "46D73C1A-3B81-4E81-A56D-0A75CEA4F92C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F2250E2-BDB4-4D12-BE4A-9BFBE83736D6", "versionEndExcluding": "66.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r120_cpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3EB4326B-B4F4-40DD-8220-204D490FFB38"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r04_sfcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "608399AA-EC27-4AB2-B78A-1EF604CE9B9C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r04_sfcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A654F03D-CBAC-45FB-8E5D-248E170C0AAE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31AC9FB9-1E38-4F72-8C5F-C92D47A859CD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r08_sfcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "781540CA-FCA3-4AA6-8A10-8534C31B34DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2670099B-E05E-4918-B509-8D501CB60DD5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r120_sfcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34AA698B-A83A-4844-8E6C-7A674FEACC95"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D581B2C-94BC-4BBD-B4D2-EC5D4A6503D7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r16_sfcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6F98C064-A2E6-435C-8EB8-02E51B66ABA4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35C64BD2-E3E1-42BE-A05F-4AB4EA067BF2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r32_sfcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "293AD605-CF64-4136-820D-CCA74979534C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD61A664-AB0A-404D-894D-B8923F00F0F2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-r_r12_ccpu-v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "05A9F81B-DA09-483C-899C-05714192031E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melipc_mi5122-vw_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36A44C7C-6ABE-42B3-AAE9-D946FA0F35AC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melipc_mi5122-vw:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C853C13A-91EB-473A-A170-41CD2FF71D67"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l04_hcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F615AE5-A216-4EED-813A-F530AD7BE225"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l04_hcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41167484-1F65-44C1-AB44-FCAAC7CC0D13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l08_hcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAA81031-EA3F-435A-B65C-8110061DA134"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l08_hcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BCE70487-E8F3-48D7-A4B7-FD85CFACDE81"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l16_hcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAA0255C-5233-485C-A997-606094D90486"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l16_hcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C91C52A-6ECB-498C-9DB9-563B6E6C6D70"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:melsec_iq-l_l32_hcpu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70B58655-D030-4ED1-B412-56F025B069D1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:melsec_iq-l_l32_hcpu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFCB3495-4859-4935-AB75-549A67E61D43"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"}