HIGH🇵🇱 Wersja polska

CVE-2022-40265

CVSS 8.6v3.1pub. 2022-11-30upd. 2024-11-21

Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Mitsubishielectric R04encpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R04encpu Firmware

    OS
    Mitsubishielectric
    ≤ 65
  • Mitsubishielectric R08encpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R08encpu Firmware

    OS
    Mitsubishielectric
    ≤ 65
  • Mitsubishielectric R120encpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R120encpu Firmware

    OS
    Mitsubishielectric
    ≤ 65
  • Mitsubishielectric R16encpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R16encpu Firmware

    OS
    Mitsubishielectric
    ≤ 65
  • Mitsubishielectric R32encpu

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric R32encpu Firmware

    OS
    Mitsubishielectric
    ≤ 65
  • Mitsubishielectric Rj71en71

    HW
    Mitsubishielectric
    wszystkie wersje
  • Mitsubishielectric Rj71en71 Firmware

    OS
    Mitsubishielectric
    ≤ 65
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassDoS
CWE
References

Related vulnerabilities

CVE-2020-16226CRITICAL9.8ten sam produkt

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious a...

CVE-2020-5668HIGH7.5ten sam produkt

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '...

CVE-2020-5527HIGH7.5ten sam produkt

When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F ...

CVE-2022-40267MEDIUM5.9ten sam produkt

Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MEL...

CVE-2023-6943CRITICAL9.8PL ✓ten sam vendor

Unsafe Reflection w oprogramowaniu Mitsubishi Electric — zdalne wykonanie kodu