CVE-2022-33324

Summary

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions "08" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions "05" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions "07" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi Electric CorporationMELSEC iQ-R Series R00CPUFirmware versions "32" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R01CPUFirmware versions "32" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R02CPUFirmware versions "32" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R04CPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R08CPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R16CPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R32CPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R120CPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R04ENCPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R08ENCPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R16ENCPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R32ENCPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R120ENCPUFirmware versions "65" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R08SFCPUFirmware versions "29" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R16SFCPUFirmware versions "29" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R32SFCPUFirmware versions "29" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R120SFCPUFirmware versions "29" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R12CCPU-VFirmware versions "17" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-L Series L04HCPUFirmware versions "05" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-L Series L08HCPUFirmware versions "05" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-L Series L16HCPUFirmware versions "05" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-L Series L32HCPUFirmware versions "05" and prioraffected
Mitsubishi Electric CorporationMELIPC Series MI5122-VWFirmware versions "07" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R08PSFCPUFirmware versions "08" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R16PSFCPUFirmware versions "08" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R32PSFCPUFirmware versions "08" and prioraffected
Mitsubishi Electric CorporationMELSEC iQ-R Series R120PSFCPUFirmware versions "08" and prioraffected

Weaknesses

  • CWE-404: CWE-404 Improper Resource Shutdown or Release

ADP Enrichment

CVE Program Container

Additional References

References