Mitsubishi Electric MELSEC iQ-F Series Improper Input Validation (CVE-2022-25162)

medium Tenable OT Security Plugin ID 500651

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073, MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC- xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031 and Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000 allows a remote unauthenticated attacker to cause a temporary DoS condition for the product's communication by sending specially crafted packets.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Mitsubishi Electric has provided the following mitigations or workarounds:

- MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with Serial number 17X**** or later update to v1.270 or later
- MELSEC iQ-F FX5U-xMy/z x=32,64,80, y=T,R, z=ES, DS, ESS, DSS with serial number 179**** and prior update to v1.073 or later
- MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with serial number 17X**** or later update to v1.270 or later
- MELSEC iQ-F FX5UC-xMy/z x=32,64,96, y=T,R, z=D,DSS with Serial number 179**** and prior update to v1.073 or later
- MELSEC iQ-F FX5UC-32MT/DS-TS, FX5UC-32MT/DSS-TS, FX5UC-32MR/DS-TS update to v1.270 or later
- MELSEC iQ-F FX5UJ-xMy/z x=24,40,60, y=T,R, z=ES,ESS update to v1.030 or later
- MELSEC iQ-F FX5UJ-xMy/ES-A x=24,40,60, y=T.R please contact a Mitsubishi Electric representative
- MELSEC iQ-F FX5S-xMy/z x-30,40,60,80, y=T.R, z=ES,ESS please contact a Mitsubishi Electric representative

Use a firewall or virtual private network to prevent unauthorized access when Internet access is required.

Use firewalls or an IP filter function to restrict connections to these products and prevent access from untrusted networks or hosts. For details on the IP filter function, refer to 12.1 IP Filter Function in MELSEC iQ-F FX5 User’s Manual (Ethernet Communication).

See Also

http://www.nessus.org/u?73a9e81b

https://jvn.jp/vu/JVNVU95926817/index.html

https://www.cisa.gov/uscert/ics/advisories/icsa-22-139-01

Plugin Details

Severity: Medium

ID: 500651

Version: 1.5

Type: remote

Family: Tenable.ot

Published: 6/7/2022

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2022-25162

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mt%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mr%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-80mr%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mr%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mr%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mt%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mr%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mr%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mr%2fds-ts_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-60mt%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mt%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-64mt%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mt%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-60mr%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5s-80mt%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-60mr%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5s-30mt%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5s-30mr%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mt%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-64mr%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mt%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-30mt%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mt%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-64mr%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-96mr%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-96mr%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mr%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mt%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mt%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mt%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-40mt%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5s-40mt%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mr%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-40mr%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mt%2fdss-ts_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mr%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-40mr%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mt%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mr%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-96mt%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5s-80mr%2fess_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mt%2fds_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mt%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5s-60mt%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mr%2fdss_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-24mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-40mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-80mt%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-32mt%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mr%2fdds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-64mt%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mr%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uj-60mt%2fes-a_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5s-30mr%2fes_firmware:1.000, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mt%2fds-ts_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-96mt%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5uc-32mt%2fds_firmware:1, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mr%2fes_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-64mt%2fess_firmware, cpe:/o:mitsubishielectric:melsec_iq-fx5u-80mt%2fes_firmware

Required KB Items: Tenable.ot/Mitsubishi

Exploit Ease: No known exploits are available

Patch Publication Date: 5/18/2022

Vulnerability Publication Date: 5/18/2022

Reference Information

CVE: CVE-2022-25162

CWE: 20

ICSA: 22-139-01