We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-33324

Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series



Description

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions "08" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions "05" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions "07" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Reserved 2022-06-14 | Published 2022-12-23 | Updated 2024-09-05 | Assigner Mitsubishi


HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-404 Improper Resource Shutdown or Release

Product status

Default status
unaffected

Firmware versions "32" and prior
affected

Default status
unaffected

Firmware versions "32" and prior
affected

Default status
unaffected

Firmware versions "32" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "65" and prior
affected

Default status
unaffected

Firmware versions "29" and prior
affected

Default status
unaffected

Firmware versions "29" and prior
affected

Default status
unaffected

Firmware versions "29" and prior
affected

Default status
unaffected

Firmware versions "29" and prior
affected

Default status
unaffected

Firmware versions "17" and prior
affected

Default status
unaffected

Firmware versions "05" and prior
affected

Default status
unaffected

Firmware versions "05" and prior
affected

Default status
unaffected

Firmware versions "05" and prior
affected

Default status
unaffected

Firmware versions "05" and prior
affected

Default status
unaffected

Firmware versions "07" and prior
affected

Default status
unaffected

Firmware versions "08" and prior
affected

Default status
unaffected

Firmware versions "08" and prior
affected

Default status
unaffected

Firmware versions "08" and prior
affected

Default status
unaffected

Firmware versions "08" and prior
affected

References

www.mitsubishielectric.com/...nerability/pdf/2022-018_en.pdf vendor-advisory

jvn.jp/vu/JVNVU96883262 government-resource

www.cisa.gov/uscert/ics/advisories/icsa-22-356-03 government-resource

cve.org (CVE-2022-33324)

nvd.nist.gov (CVE-2022-33324)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2022-33324

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.