Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU94702422 | Third Party Advisory |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
06 Dec 2022, 19:36
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf - Vendor Advisory | |
References | (MISC) https://jvn.jp/vu/JVNVU94702422 - Third Party Advisory | |
CWE | CWE-20 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:mitsubishielectric:rj71en71_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:r32encpu_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:r08encpu_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:r04encpu_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:r120encpu_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rj71en71:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:r16encpu_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:* |
|
First Time |
Mitsubishielectric r32encpu
Mitsubishielectric r120encpu Firmware Mitsubishielectric r32encpu Firmware Mitsubishielectric Mitsubishielectric r08encpu Mitsubishielectric r04encpu Mitsubishielectric r04encpu Firmware Mitsubishielectric r120encpu Mitsubishielectric r16encpu Firmware Mitsubishielectric r16encpu Mitsubishielectric rj71en71 Firmware Mitsubishielectric rj71en71 Mitsubishielectric r08encpu Firmware |
30 Nov 2022, 02:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-30 01:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-40265
Mitre link : CVE-2022-40265
CVE.ORG link : CVE-2022-40265
JSON object : View
Products Affected
mitsubishielectric
- r04encpu
- r08encpu
- r32encpu
- rj71en71_firmware
- rj71en71
- r16encpu
- r16encpu_firmware
- r08encpu_firmware
- r04encpu_firmware
- r32encpu_firmware
- r120encpu_firmware
- r120encpu
CWE
CWE-20
Improper Input Validation