CVE-2022-33324

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-33324
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03 Patch Third Party Advisory US Government Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf Vendor Advisory
https://jvn.jp/vu/JVNVU96883262 Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r00_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r00_cpu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r01_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r01_cpu:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r02_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r02_cpu:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r04_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r04_cpu:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r08_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r08_cpu:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r16_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r16_cpu:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r32_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r32_cpu:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r120_cpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r120_cpu:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r04_sfcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r04_sfcpu:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r08_sfcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r08_sfcpu:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r120_sfcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r120_sfcpu:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r16_sfcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r16_sfcpu:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r32_sfcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r32_sfcpu:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-r_r12_ccpu-v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-r_r12_ccpu-v:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:mitsubishi:melipc_mi5122-vw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melipc_mi5122-vw:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-l_l04_hcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-l_l04_hcpu:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-l_l08_hcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-l_l08_hcpu:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-l_l16_hcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-l_l16_hcpu:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:mitsubishi:melsec_iq-l_l32_hcpu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishi:melsec_iq-l_l32_hcpu:-:*:*:*:*:*:*:*
Information

Published : 2022-12-22 19:15

Updated : 2023-01-04 13:21

NVD link : CVE-2022-33324

Mitre link : CVE-2022-33324

JSON object : View

CWE
CWE-404

Improper Resource Shutdown or Release

Advertisement

dedicated server usa
Products Affected

mitsubishi

  • melsec_iq-r_r04_cpu
  • melsec_iq-r_r01_cpu
  • melsec_iq-r_r08_cpu_firmware
  • melsec_iq-r_r16_sfcpu
  • melsec_iq-r_r16_sfcpu_firmware
  • melsec_iq-r_r12_ccpu-v
  • melsec_iq-r_r32_sfcpu
  • melsec_iq-l_l16_hcpu_firmware
  • melsec_iq-l_l16_hcpu
  • melsec_iq-l_l32_hcpu_firmware
  • melsec_iq-r_r00_cpu_firmware
  • melsec_iq-r_r04_cpu_firmware
  • melsec_iq-l_l04_hcpu_firmware
  • melsec_iq-l_l08_hcpu_firmware
  • melsec_iq-l_l04_hcpu
  • melsec_iq-r_r32_sfcpu_firmware
  • melsec_iq-r_r16_cpu_firmware
  • melsec_iq-r_r12_ccpu-v_firmware
  • melsec_iq-r_r08_sfcpu_firmware
  • melsec_iq-l_l32_hcpu
  • melsec_iq-r_r120_cpu
  • melsec_iq-r_r120_cpu_firmware
  • melipc_mi5122-vw
  • melsec_iq-r_r04_sfcpu
  • melipc_mi5122-vw_firmware
  • melsec_iq-r_r04_sfcpu_firmware
  • melsec_iq-r_r32_cpu
  • melsec_iq-r_r120_sfcpu
  • melsec_iq-r_r01_cpu_firmware
  • melsec_iq-r_r08_sfcpu
  • melsec_iq-l_l08_hcpu
  • melsec_iq-r_r02_cpu_firmware
  • melsec_iq-r_r02_cpu
  • melsec_iq-r_r32_cpu_firmware
  • melsec_iq-r_r00_cpu
  • melsec_iq-r_r16_cpu
  • melsec_iq-r_r120_sfcpu_firmware
  • melsec_iq-r_r08_cpu