CVE-2022-25157

Severity Score

9.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU all versions, Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4) all versions, Mitsubishi Electric MELSEC iQ-R series RJ71EN71 all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GF11-T2 all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GP21(S)-SX all versions, Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2 all versions, Mitsubishi Electric MELSEC Q series Q03UDECPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU all versions, Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4) all versions, Mitsubishi Electric MELSEC Q series QJ71E71-100 all versions, Mitsubishi Electric MELSEC L series L02/06/26CPU(-P) all versions, Mitsubishi Electric MELSEC L series L26CPU-(P)BT all versions, Mitsubishi Electric MELSEC L series LJ71C24(-R2) all versions, Mitsubishi Electric MELSEC L series LJ71E71-100 all versions and Mitsubishi Electric MELSEC L series LJ72GF15-T2 all versions allows a remote unauthenticated attacker to disclose or tamper with the information in the product by using an eavesdropped password hash.

Vulnerabilidad en el uso del hash de la contraseña en lugar de la contraseña para la autenticación en Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU todas las versiones, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(ES)CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R08/16/32/120PCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R08/16/32/120PSFCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R16/32/64MTCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71C24(-R2/R4) todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71EN71 todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71GF11-T2 todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71GP21(S)-SX todas las versiones, Mitsubishi Electric MELSEC serie iQ-R RJ72GF15-T2 todas las versiones, Mitsubishi Electric MELSEC serie Q Q03UDECPU todas las versiones, Mitsubishi Electric MELSEC serie Q04/06/10/13/20/26/50/100UDEHCPU todas las versiones, Mitsubishi Electric MELSEC Q serie Q03/04/06/13/26UDVCPU todas las versiones, Mitsubishi Electric MELSEC Q serie Q04/06/13/26UDPVCPU todas las versiones, Mitsubishi Electric MELSEC Q serie QJ71C24N(-R2/R4) todas las versiones, Mitsubishi Electric MELSEC Q serie QJ71E71-100 todas las versiones, Mitsubishi Electric MELSEC serie L L02/06/26CPU(-P) todas las versiones, Mitsubishi Electric MELSEC serie L L26CPU-(P)BT todas las versiones, Mitsubishi Electric MELSEC serie L LJ71C24(-R2) todas las versiones, Mitsubishi Electric MELSEC serie L LJ71E71-100 todas las versiones y Mitsubishi Electric MELSEC serie L LJ72GF15-T2 todas las versiones permiten a un atacante remoto no autenticado revelar o manipular la información del producto mediante el uso de un hash de contraseña interceptado

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-02-14 CVE Reserved
2022-04-01 CVE Published
2023-10-23 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication

CAPEC

References (3)

URL	Tag	Source
https://jvn.jp/vu/JVNVU96577897/index.html	Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf	2023-08-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc Firmware Search vendor "Mitsubishielectric" for product "Fx5uc Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc Search vendor "Mitsubishielectric" for product "Fx5uc"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mr\/ds-ts Firmware Search vendor "Mitsubishielectric" for product "Fx5uc-32mr\/ds-ts Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mr\/ds-ts Search vendor "Mitsubishielectric" for product "Fx5uc-32mr\/ds-ts"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/d Firmware Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/d Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/d Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/d"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/dss Firmware Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/dss Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/dss Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/dss"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mr\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-24mr\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mr\/es Search vendor "Mitsubishielectric" for product "Fx5uj-24mr\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mt\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-24mt\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mt\/es Search vendor "Mitsubishielectric" for product "Fx5uj-24mt\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mt\/ess Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-24mt\/ess Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-24mt\/ess Search vendor "Mitsubishielectric" for product "Fx5uj-24mt\/ess"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mr\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-40mr\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mr\/es Search vendor "Mitsubishielectric" for product "Fx5uj-40mr\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mt\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-40mt\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mt\/es Search vendor "Mitsubishielectric" for product "Fx5uj-40mt\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mt\/ess Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-40mt\/ess Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-40mt\/ess Search vendor "Mitsubishielectric" for product "Fx5uj-40mt\/ess"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mr\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-60mr\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mr\/es Search vendor "Mitsubishielectric" for product "Fx5uj-60mr\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mt\/es Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-60mt\/es Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mt\/es Search vendor "Mitsubishielectric" for product "Fx5uj-60mt\/es"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mt\/ess Firmware Search vendor "Mitsubishielectric" for product "Fx5uj-60mt\/ess Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj-60mt\/ess Search vendor "Mitsubishielectric" for product "Fx5uj-60mt\/ess"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/dss-ts Firmware Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/dss-ts Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/dss-ts Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/dss-ts"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/ds-ts Firmware Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/ds-ts Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uc-32mt\/ds-ts Search vendor "Mitsubishielectric" for product "Fx5uc-32mt\/ds-ts"	-	-	Safe
Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj Firmware Search vendor "Mitsubishielectric" for product "Fx5uj Firmware"	-	-	Affected	in	Mitsubishielectric Search vendor "Mitsubishielectric"	Fx5uj Search vendor "Mitsubishielectric" for product "Fx5uj"	-	-	Safe