Vulnerability Lookup

🛡️ CVE-2022-25160

🟡 CVSS 5.9 — Medium ✅ No Known Exploit CWE-312 NVD

5.9

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU all versions, Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4) all versions, Mitsubishi Electric MELSEC iQ-R series RJ71EN71 all versions, Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2 all versions, Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU all versions, Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4) all versions and Mitsubishi Electric MELSEC Q series QJ71E71-100 all versions allows a remote unauthenticated attacker to disclose a file in a legitimate user's product by using previously eavesdropped cleartext information and to counterfeit a legitimate user’s system.

Details

Severity MEDIUM

CVSS Score 5.9

CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE CWE-312

Public Exploit ✅ No

Source NVD

Published 2022-04-01

Updated 2026-06-08

Modified 2024-11-21

Fix URL N/A

Affected Packages

Software	From version	Fixed in
fx5uc-32mr\/ds-ts-firmware	—	—
fx5uc-32mt\/d-firmware	—	—
fx5uc-32mt\/ds-ts-firmware	—	—
fx5uc-32mt\/dss-firmware	—	—
fx5uc-32mt\/dss-ts-firmware	—	—
fx5uc-firmware	—	—
fx5uj-24mr\/es-firmware	—	—
fx5uj-24mt\/es-firmware	—	—
fx5uj-24mt\/ess-firmware	—	—
fx5uj-40mr\/es-firmware	—	—
fx5uj-40mt\/es-firmware	—	—
fx5uj-40mt\/ess-firmware	—	—
fx5uj-60mr\/es-firmware	—	—
fx5uj-60mt\/es-firmware	—	—
fx5uj-60mt\/ess-firmware	—	—
fx5uj-firmware	—	—

References

Third Party Advisory https://jvn.jp/vu/JVNVU96577897/index.html

Third Party Advisory, US Government Resource https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04

Vendor Advisory https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf

Third Party Advisory https://jvn.jp/vu/JVNVU96577897/index.html

Third Party Advisory, US Government Resource https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04

Vendor Advisory https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf

🔗 NVD 🔗 Mitre

Exploit Protection

Help block exploit attempts

BotEraser is designed to detect and help reduce malicious bot traffic that may target known vulnerabilities on your site.

Try BotEraser Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Help block exploit attempts

Company

Resources

Services

Trusted

Subscribe