CVE-2022-33323 - Vulnerability Details

Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial robot MELFA SD/SQ Series and MELFA F-Series allows a remote unauthenticated attacker to gain unauthorized access by authentication bypass through an unauthorized telnet login. As for the affected model names, controller types and firmware versions, see the Mitsubishi Electric's advisory which is listed in [References] section.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mitsubishielectric	Rh-12fh55 Rh-12fh55 Firmware Rh-12fh70 Rh-12fh70 Firmware Rh-12fh85 Rh-12fh85 Firmware Rh-12sdh55 Rh-12sdh55 Firmware Rh-12sdh70 Rh-12sdh70 Firmware Rh-12sdh85 Rh-12sdh85 Firmware Rh-12sqh55 Rh-12sqh55 Firmware Rh-12sqh70 Rh-12sqh70 Firmware Rh-12sqh85 Rh-12sqh85 Firmware Rh-20fh100 Rh-20fh100 Firmware Rh-20fh85 Rh-20fh85 Firmware Rh-20sdh100 Rh-20sdh100 Firmware Rh-20sdh85 Rh-20sdh85 Firmware Rh-20sqh85 Rh-20sqh85 Firmware Rh-3fh35 Rh-3fh35 Firmware Rh-3fh45 Rh-3fh45 Firmware Rh-3fh55 Rh-3fh55 Firmware Rh-3sdhr Rh-3sdhr Firmware Rh-3sqhr Rh-3sqhr Firmware Rh-6fh35 Rh-6fh35 Firmware Rh-6fh45 Rh-6fh45 Firmware Rh-6fh55 Rh-6fh55 Firmware Rh-6sdh35 Rh-6sdh35 Firmware Rh-6sdh45 Rh-6sdh45 Firmware Rh-6sdh55 Rh-6sdh55 Firmware Rh-6sqh35 Rh-6sqh35 Firmware Rh-6sqh45 Rh-6sqh45 Firmware Rh-6sqh55 Rh-6sqh55 Firmware Rv-12sd Rv-12sd Firmware Rv-12sdl Rv-12sdl Firmware Rv-12sq Rv-12sq Firmware Rv-12sql Rv-12sql Firmware Rv-13f Rv-13f Firmware Rv-13fl Rv-13fl Firmware Rv-20f Rv-20f Firmware Rv-2f Rv-2f Firmware Rv-2sdb Rv-2sdb Firmware Rv-2sqb Rv-2sqb Firmware Rv-3sd Rv-3sd Firmware Rv-3sdj Rv-3sdj Firmware Rv-3sq Rv-3sq Firmware Rv-3sqj Rv-3sqj Firmware Rv-4f Rv-4f Firmware Rv-4fl Rv-4fl Firmware Rv-6sd Rv-6sd Firmware Rv-6sdl Rv-6sdl Firmware Rv-6sq Rv-6sq Firmware Rv-6sql Rv-6sql Firmware Rv-7f Rv-7f Firmware Rv-7fl Rv-7fl Firmware Rv-7fll Rv-7fll Firmware

Configuration 1 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sdh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sdh55:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sdh70_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sdh70:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sdh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sdh85:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sqh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sqh55:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sqh70_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sqh70:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12sqh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12sqh85:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-20sdh100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-20sdh100:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-20sdh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-20sdh85:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-20sqh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-20sqh85:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-3sdhr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-3sdhr:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-3sqhr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-3sqhr:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sdh35_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sdh35:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sdh45_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sdh45:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sdh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sdh55:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sqh35_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sqh35:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sqh45_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sqh45:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6sqh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6sqh55:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-12sd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-12sd:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-12sdl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-12sdl:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-12sq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-12sq:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-12sql_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-12sql:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-2sdb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-2sdb:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-2sqb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-2sqb:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-3sd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-3sd:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-3sdj_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-3sdj:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-3sq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-3sq:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-3sqj_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-3sqj:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-6sd_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-6sd:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-6sdl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-6sdl:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-6sq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-6sq:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-6sql_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-6sql:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12fh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12fh55:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12fh70_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12fh70:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-12fh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-12fh85:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-20fh100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-20fh100:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-20fh85_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-20fh85:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-3fh35_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-3fh35:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-3fh45_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-3fh45:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-3fh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-3fh55:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6fh35_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6fh35:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6fh45_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6fh45:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:mitsubishielectric:rh-6fh55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rh-6fh55:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-13f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-13f:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-13fl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-13fl:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-20f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-20f:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-2f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-2f:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-4f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-4f:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-4fl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-4fl:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-7f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-7f:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-7fl_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-7fl:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:mitsubishielectric:rv-7fll_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:rv-7fll:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/vu/JVNVU94588481/index.html
https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-05
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-020_en.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mitsubishi

Published: 2023-02-02T05:49:26.394Z

Updated: 2024-08-03T08:09:21.317Z

Reserved: 2022-06-14T17:50:53.643Z

Link: CVE-2022-33323

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-02T06:15:08.393

Modified: 2024-11-21T07:08:11.440

Link: CVE-2022-33323

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object