PT-2021-6787 · Mitsubishi · Melsec Q Series Qj71E71-100+20

Anton Dorfman

+2

·

Published

2021-12-15

·

Updated

2022-06-02

·

CVE-2022-25158

CVSS v2.0

6.6

Medium

VectorAV:N/AC:H/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU all versions Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU all versions Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU all versions Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU all versions Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4) all versions Mitsubishi Electric MELSEC iQ-R series RJ71EN71 all versions Mitsubishi Electric MELSEC iQ-R series RJ71GF11-T2 all versions Mitsubishi Electric MELSEC iQ-R series RJ71GP21(S)-SX all versions Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2 all versions Mitsubishi Electric MELSEC Q series Q03UDECPU all versions Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU all versions Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU all versions Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU all versions Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4) all versions Mitsubishi Electric MELSEC Q series QJ71E71-100 all versions Mitsubishi Electric MELSEC L series L02/06/26CPU(-P) all versions Mitsubishi Electric MELSEC L series L26CPU-(P)BT all versions Mitsubishi Electric MELSEC L series LJ71C24(-R2) all versions Mitsubishi Electric MELSEC L series LJ71E71-100 all versions Mitsubishi Electric MELSEC L series LJ72GF15-T2 all versions
Description The issue is related to the cleartext storage of sensitive information, specifically password hashes, in files. This allows a remote attacker to disclose or tamper with these files, potentially leading to privilege escalation. The vulnerability is associated with the unencrypted storage of credentials, which can be exploited by a remote attacker to gain elevated privileges using a file named 00000001.SYP.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

BDU:2022-02196
CVE-2022-25158

Affected Products

Melsec L Series L02/06/26Cpu
Melsec L Series L26Cpu-(P)Bt
Melsec L Series Lj71C24
Melsec L Series Lj71E71-100
Melsec L Series Lj72Gf15-T2
Melsec Q Series Q03/04/06/13/26Udvcpu
Melsec Q Series Q03Udecpu
Melsec Q Series Q04/06/10/13/20/26/50/100Udehcpu
Melsec Q Series Q04/06/13/26Udpvcpu
Melsec Q Series Qj71C24N
Melsec Q Series Qj71E71-100
Melsec Iq-F Series Fx5U(C) Cpu
Melsec Iq-F Series Fx5Uj Cpu
Melsec Iq-R Series R00/01/02Cpu
Melsec Iq-R Series R04/08/16/32/120(En)Cpu
Melsec Iq-R Series R08/16/32/120Psfcpu
Melsec Iq-R Series Rj71C24
Melsec Iq-R Series Rj71En71
Melsec Iq-R Series Rj71Gf11-T2
Melsec Iq-R Series Rj71Gp21(S)-Sx
Melsec Iq-R Series Rj72Gf15-T2