nvd-json-data-feeds/CVE-2022/CVE-2022-402xx/CVE-2022-40265.json

{
  "id": "CVE-2022-40265",
  "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
  "published": "2022-11-30T01:15:09.873",
  "lastModified": "2024-11-21T07:21:09.477",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version \"65\" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version \"65\" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de Validaci\u00f3n de Entrada Incorrecta en Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Versi\u00f3n de firmware \"65\" y anteriores y Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware versi\u00f3n \"65\" y anteriores permite una un atacante remoto no autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio mediante el env\u00edo de paquetes especialmente manipulados. Es necesario reiniciar el sistema para la recuperaci\u00f3n."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:rj71en71_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "5DA6E8D4-26B3-44EA-94EE-D2ABD0E34D5F"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:rj71en71:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD2CE10-A6DB-4642-8FA8-DD1AFA726EC7"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:r04encpu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "71105F2E-5D80-484B-AE91-964EE6BB00B7"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5862905-F77D-4DEE-88A8-59893362936F"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:r08encpu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "882C402E-D0A4-46F9-B983-B86EBCB24E19"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B85DAD9-7F5B-4740-94A3-94835D82CE3C"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:r16encpu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "054189D9-B6C3-487F-9FA4-97E2D69C69DD"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F7DE17-AA44-4E78-B07B-3D9F641DF445"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:r32encpu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "417F4AD4-8FF6-4804-A453-0BA857B68BED"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9546A301-8039-4D42-B1A2-AAF6C3C17203"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:mitsubishielectric:r120encpu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "65",
              "matchCriteriaId": "AF292C53-458C-4DE7-916C-ABD395EBF32B"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "411C7828-D7C7-4B42-82E3-CAC21C15951C"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://jvn.jp/vu/JVNVU94702422",
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf",
      "source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://jvn.jp/vu/JVNVU94702422",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-40265",`
			`"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",`
			`"published": "2022-11-30T01:15:09.873",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"lastModified": "2024-11-21T07:21:09.477",`
			`"vulnStatus": "Modified",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
bootstrap 2023-04-24 12:24:31 +02:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version \"65\" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version \"65\" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery."`
Auto-Update: 2024-04-04T08:42:25.815847+00:00 2024-04-04 08:46:00 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": "Vulnerabilidad de Validaci\u00f3n de Entrada Incorrecta en Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Versi\u00f3n de firmware \"65\" y anteriores y Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware versi\u00f3n \"65\" y anteriores permite una un atacante remoto no autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio mediante el env\u00edo de paquetes especialmente manipulados. Es necesario reiniciar el sistema para la recuperaci\u00f3n."
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",`
			`"type": "Secondary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",`
			`"baseScore": 8.6,`
			`"baseSeverity": "HIGH",`
bootstrap 2023-04-24 12:24:31 +02:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"scope": "CHANGED",`
bootstrap 2023-04-24 12:24:31 +02:00			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`"exploitabilityScore": 3.9,`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"impactScore": 4.0`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"baseScore": 7.5,`
			`"baseSeverity": "HIGH",`
bootstrap 2023-04-24 12:24:31 +02:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"scope": "UNCHANGED",`
bootstrap 2023-04-24 12:24:31 +02:00			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`"exploitabilityScore": 3.9,`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"impactScore": 3.6`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",`
			`"type": "Secondary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-20"`
			`}`
			`]`
			`},`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-20"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:rj71en71_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "5DA6E8D4-26B3-44EA-94EE-D2ABD0E34D5F"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:rj71en71:-:::::::*",`
			`"matchCriteriaId": "8BD2CE10-A6DB-4642-8FA8-DD1AFA726EC7"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:r04encpu_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "71105F2E-5D80-484B-AE91-964EE6BB00B7"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:r04encpu:-:::::::*",`
			`"matchCriteriaId": "C5862905-F77D-4DEE-88A8-59893362936F"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:r08encpu_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "882C402E-D0A4-46F9-B983-B86EBCB24E19"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:r08encpu:-:::::::*",`
			`"matchCriteriaId": "6B85DAD9-7F5B-4740-94A3-94835D82CE3C"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:r16encpu_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "054189D9-B6C3-487F-9FA4-97E2D69C69DD"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:r16encpu:-:::::::*",`
			`"matchCriteriaId": "81F7DE17-AA44-4E78-B07B-3D9F641DF445"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:r32encpu_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "417F4AD4-8FF6-4804-A453-0BA857B68BED"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:r32encpu:-:::::::*",`
			`"matchCriteriaId": "9546A301-8039-4D42-B1A2-AAF6C3C17203"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:mitsubishielectric:r120encpu_firmware::::::::",`
			`"versionEndIncluding": "65",`
			`"matchCriteriaId": "AF292C53-458C-4DE7-916C-ABD395EBF32B"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:mitsubishielectric:r120encpu:-:::::::*",`
			`"matchCriteriaId": "411C7828-D7C7-4B42-82E3-CAC21C15951C"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://jvn.jp/vu/JVNVU94702422",`
			`"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf",`
			`"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`},`
			`{`
			`"url": "https://jvn.jp/vu/JVNVU94702422",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-017_en.pdf",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`}`