Mitsubishi Electric FA Products Cleartext Storage of Sensitive Information (CVE-2022-25160)

Severity: Medium. Tenable OT Security Plugin ID 500633

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to disclose a file in a legitimate user's product by using previously eavesdropped cleartext information and to counterfeit a legitimate user's system.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Mitsubishi Electric recommends users take the following mitigation measures to minimize the risk of exploitation of these vulnerabilities:

- When communicating via untrusted networks or hosts, encrypt the communication path by setting up a VPN.

- Use firewalls or the IP filter function to restrict connections to the products and prevent access from untrusted networks or hosts. For details on the IP filter function, refer to the following product manuals:
  - “12.1 IP Filter Function” in the MELSEC iQ-F FX5 User’s Manual (Ethernet Communication)
  - "IP filter" of "1.13 Security" in the MELSEC iQ-R Ethernet User's Manual (Application)
  - "IP Filter Function" of "6.2 Security Function" in the MELSEC iQ-R Motion Controller Programming Manual (Common)
  - "IP filter" of "1.4 Security" in the MELSEC iQ-R CC-Link IE TSN User's Manual (Application)
  - "IP filter" of "9.5 Security" in the MELSEC iQ-R CC-Link IE TSN Plus Master/Local Module User’s Manual
  - "14.3 IP Filter Function" in the Q Corresponding Ethernet Interface Module User's Manual (Basic)
  - "14.3 IP Filter Function" in the MELSEC-L Ethernet Interface Module User's Manual (Basic)

For more information, see Mitsubishi Electric’s advisory 2021-031.

See Also

https://jvn.jp/vu/JVNVU96577897/index.html

http://www.nessus.org/u?b01f6da0

https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04

Plugin Details

Severity: Medium

ID: 500633

Version: 1.7

Type: remote

Family: Tenable.ot

Published: 4/28/2022

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2022-25160

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mitsubishielectric:fx5uc-32mr%2fds-ts_firmware:-, cpe:/o:mitsubishielectric:fx5uj-24mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uj-24mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uc-32mt%2fd_firmware:-, cpe:/o:mitsubishielectric:fx5uj-40mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uj-60mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss_firmware:-, cpe:/o:mitsubishielectric:fx5uj-24mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx5uj-40mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx5uj-60mt%2fess_firmware:-, cpe:/o:mitsubishielectric:fx5uc-32mt%2fds-ts_firmware:-, cpe:/o:mitsubishielectric:fx5uc-32mt%2fdss-ts_firmware:-, cpe:/o:mitsubishielectric:fx5uc_firmware:-, cpe:/o:mitsubishielectric:fx5uj-40mt%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uj-60mr%2fes_firmware:-, cpe:/o:mitsubishielectric:fx5uj_firmware:-

Required KB Items: Tenable.ot/Mitsubishi

Exploit Ease: No known exploits are available

Patch Publication Date: 4/1/2022

Vulnerability Publication Date: 4/1/2022

Reference Information

CVE: CVE-2022-25160

CWE: 312

ICSA: 22-090-04