CVE-2022-40267 – Authentication Bypass Vulnerability in Web Server Function on MELSEC Series
https://notcve.org/view.php?id=CVE-2022-40267
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. • https://jvn.jp/vu/JVNVU99673580/index.html https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf • CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG) •
CVE-2022-25162
https://notcve.org/view.php?id=CVE-2022-25162
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073, MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031 and Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000 allows a remote unauthenticated attacker to cause a temporary DoS condition for the product's communication by sending specially crafted packets. Vulnerabilidad de validación de entrada inadecuada en Mitsubishi Electric MELSEC serie iQ-F FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) con número de serie 17X**** o posterior y versiones anteriores a la 1. 270, Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) con número de serie 179**** y anteriores y versiones anteriores a 1. 073, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MT/DS-TS versiones anteriores a 1.270, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MT/DSS-TS versiones anteriores a 1. 270, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MR/DS-TS versiones anteriores a 1.270, Mitsubishi Electric MELSEC serie iQ-F FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versiones anteriores a 1. 030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versiones anteriores a la 1.031 y Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) versión 1.000 permite a un atacante remoto no autenticado provocar una condición de DoS temporal para la comunicación del producto mediante el envío de paquetes especialmente diseñados • https://jvn.jp/vu/JVNVU95926817/index.html https://www.cisa.gov/uscert/ics/advisories/icsa-22-139-01 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-004_en.pdf • CWE-20: Improper Input Validation •
CVE-2022-25161
https://notcve.org/view.php?id=CVE-2022-25161
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073, MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031 and Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000 allows a remote unauthenticated attacker to cause a DoS condition for the product's program execution or communication by sending specially crafted packets. System reset of the product is required for recovery. Vulnerabilidad de validación de entrada inadecuada en Mitsubishi Electric MELSEC serie iQ-F FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) con número de serie 17X**** o posterior y versiones anteriores a la 1. 270, Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) con número de serie 179**** y anteriores y versiones anteriores a 1. 073, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MT/DS-TS versiones anteriores a 1.270, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MT/DSS-TS versiones anteriores a 1. 270, Mitsubishi Electric MELSEC serie iQ-F FX5UC-32MR/DS-TS versiones anteriores a 1.270, Mitsubishi Electric MELSEC serie iQ-F FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versiones anteriores a 1. 030, la serie MELSEC iQ-F de Mitsubishi Electric FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versiones anteriores a la 1.031 y la serie MELSEC iQ-F de Mitsubishi Electric FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) versión 1.000 permiten que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) para la ejecución del programa o la comunicación del producto mediante el envío de paquetes especialmente diseñados. Se requiere un reinicio del sistema del producto para la recuperación • https://jvn.jp/vu/JVNVU95926817/index.html https://www.cisa.gov/uscert/ics/advisories/icsa-22-139-01 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-004_en.pdf • CWE-20: Improper Input Validation •
CVE-2020-16226 – Mitsubishi Electric Multiple Products
https://notcve.org/view.php?id=CVE-2020-16226
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Múltiples productos de Mitsubishi Electric, son vulnerables a suplantaciones de un dispositivo legítimo por parte de un actor malicioso, lo que puede permitir a un atacante ejecutar comandos arbitrarios remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mitsubishi Electric MELSEC iQ-F. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01 • CWE-342: Predictable Exact Value from Previous Values •