CVE-2022-25164
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers can gain unauthorized access to the MELSEC CPU module and the MELSEC OPC UA server module.
Vulnerabilidad de almacenamiento de texto sin cifrar de información confidencial en Mitsubishi Electric GX Works3 versiones de 1.000A a 1.095Z y Mitsubishi Electric MX OPC UA Module Configurator-R versiones 1.08J y anteriores permite que un atacante remoto no autenticado revele información sensible. Como resultado, atacantes no autenticados pueden obtener acceso no autorizado al módulo de CPU de MELSEC y al módulo de servidor OPC UA de MELSEC.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-02-14 CVE Reserved
- 2022-11-24 CVE Published
- 2024-06-16 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/vu/JVNVU97244961/index.html | Government Resource | |
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05 | Government Resource |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf | 2023-06-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.000a <= 1.011m Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.000a <= 1.011m" | - |
Affected
| ||||||
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.015r <= 1.086q Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.015r <= 1.086q" | - |
Affected
| ||||||
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.087r Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.087r" | - |
Affected
| ||||||
| Mitsubishielectric Search vendor "Mitsubishielectric" | Mx Opc Ua Module Configurator-r Search vendor "Mitsubishielectric" for product "Mx Opc Ua Module Configurator-r" | - | - |
Affected
| ||||||