{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-33324","assignerOrgId":"e0f77b61-78fd-4786-b3fb-1ee347a748ad","state":"PUBLISHED","assignerShortName":"Mitsubishi","dateReserved":"2022-06-14T17:50:53.644Z","datePublished":"2022-12-23T02:24:15.274Z","dateUpdated":"2024-09-05T05:25:44.061Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R00CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"32\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R01CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"32\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R02CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"32\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R04CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R08CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R16CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R32CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R120CPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R04ENCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R08ENCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R16ENCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R32ENCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R120ENCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"65\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R08SFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"29\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R16SFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"29\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R32SFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"29\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R120SFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"29\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R12CCPU-V","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"17\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-L Series L04HCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"05\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-L Series L08HCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"05\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-L Series L16HCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"05\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-L Series L32HCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"05\" and prior"}]},{"defaultStatus":"unaffected","product":"MELIPC Series MI5122-VW","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"07\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R08PSFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"08\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R16PSFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"08\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R32PSFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"08\" and prior"}]},{"defaultStatus":"unaffected","product":"MELSEC iQ-R Series R120PSFCPU","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"Firmware versions \"08\" and prior"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions \"08\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions \"17\" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions \"05\" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions \"07\" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery."}],"value":"Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions \"32\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"65\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"29\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions \"08\" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions \"17\" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions \"05\" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions \"07\" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery."}],"impacts":[{"descriptions":[{"lang":"en","value":"Denial of Service"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-404","description":"CWE-404 Improper Resource Shutdown or Release","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"e0f77b61-78fd-4786-b3fb-1ee347a748ad","shortName":"Mitsubishi","dateUpdated":"2024-09-05T05:25:44.061Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf"},{"tags":["government-resource"],"url":"https://jvn.jp/vu/JVNVU96883262"},{"tags":["government-resource"],"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03"}],"source":{"discovery":"UNKNOWN"},"title":"Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T08:09:21.336Z"},"title":"CVE Program Container","references":[{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf","tags":["x_transferred"]},{"url":"https://jvn.jp/vu/JVNVU96883262","tags":["x_transferred"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03","tags":["x_transferred"]}]}]}}