CVE-2022-24946

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-24946
Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions "05" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-007_en.pdf Vendor Advisory
https://jvn.jp/vu/JVNVU90895626/index.html Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-01
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mitsubishielectric:q03udecpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q03udecpu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mitsubishielectric:q04udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q04udehcpu:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:q04udpvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q04udpvcpu:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:q04udvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q04udvcpu:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:q100udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q100udehcpu:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:q50udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q50udehcpu:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:q26dhccpu-ls_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q26dhccpu-ls:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:q26udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q26udehcpu:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishielectric:q26udpvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q26udpvcpu:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishielectric:q26udvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q26udvcpu:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:mitsubishielectric:q20udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q20udehcpu:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:mitsubishielectric:q13udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q13udehcpu:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:mitsubishielectric:q13udpvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q13udpvcpu:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:mitsubishielectric:q13udvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q13udvcpu:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:mitsubishielectric:q10udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q10udehcpu:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:mitsubishielectric:q06ccpu-v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q06ccpu-v:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:mitsubishielectric:q06phcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q06phcpu:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:mitsubishielectric:q06udehcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q06udehcpu:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:mitsubishielectric:q06udpvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q06udpvcpu:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:mitsubishielectric:q06udvcpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:q06udvcpu:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:mitsubishielectric:l02cpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l02cpu:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:mitsubishielectric:l02cpu-p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l02cpu-p:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:mitsubishielectric:l02scpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l02scpu:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:mitsubishielectric:l02scpu-p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l02scpu-p:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:mitsubishielectric:l06cpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l06cpu:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:mitsubishielectric:l06cpu-p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l06cpu-p:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu-\(p\)bt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu-\(p\)bt:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu-bt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu-bt:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu-bt-cm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu-bt-cm:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu-p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu-p:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:mitsubishielectric:l26cpu-pbt_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:l26cpu-pbt:-:*:*:*:*:*:*:*
Information

Published : 2022-06-15 14:15

Updated : 2022-08-19 16:25

NVD link : CVE-2022-24946

Mitre link : CVE-2022-24946

JSON object : View

CWE
CWE-667

Improper Locking

Advertisement

dedicated server usa
Products Affected

mitsubishielectric

  • l06cpu
  • q10udehcpu_firmware
  • q13udvcpu_firmware
  • q26udehcpu
  • l02cpu-p
  • l02scpu-p_firmware
  • q06udvcpu
  • q26udvcpu
  • l06cpu-p_firmware
  • q100udehcpu_firmware
  • l26cpu
  • q26udehcpu_firmware
  • l26cpu-bt_firmware
  • q20udehcpu
  • q50udehcpu_firmware
  • l26cpu-bt
  • q10udehcpu
  • q26udpvcpu_firmware
  • q26udpvcpu
  • q13udpvcpu_firmware
  • l02cpu_firmware
  • l26cpu-pbt
  • l26cpu-\(p\)bt_firmware
  • q04udehcpu
  • q20udehcpu_firmware
  • q03udecpu_firmware
  • l06cpu_firmware
  • q06udehcpu
  • q13udehcpu
  • q06phcpu_firmware
  • l02scpu
  • q13udpvcpu
  • q26udvcpu_firmware
  • q06ccpu-v_firmware
  • q06udpvcpu
  • q06udehcpu_firmware
  • l02cpu-p_firmware
  • l26cpu-bt-cm
  • q06udvcpu_firmware
  • q13udvcpu
  • q13udehcpu_firmware
  • q06udpvcpu_firmware
  • l26cpu-p
  • q04udpvcpu_firmware
  • q03udecpu
  • q06phcpu
  • l02cpu
  • l06cpu-p
  • q26dhccpu-ls_firmware
  • l26cpu-\(p\)bt
  • q06ccpu-v
  • l26cpu-bt-cm_firmware
  • l02scpu_firmware
  • l26cpu-pbt_firmware
  • q100udehcpu
  • q04udehcpu_firmware
  • q04udvcpu
  • l26cpu_firmware
  • l02scpu-p
  • q26dhccpu-ls
  • q04udpvcpu
  • q50udehcpu
  • q04udvcpu_firmware
  • l26cpu-p_firmware