CVE-2022-25161

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z versions prior to 1.270 Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z versions prior to 1.270 Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270 Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270 Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270 Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z versions prior to 1.030 Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A versions prior to 1.031 Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z version 1.000

Description The issue is related to improper input validation, allowing a remote unauthenticated attacker to cause a DoS condition for the product's program execution or communication by sending specially crafted packets. System reset of the product is required for recovery.

Recommendations For Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z versions prior to 1.270, update to version 1.270 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z versions prior to 1.270, update to version 1.270 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, update to version 1.270 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, update to version 1.270 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, update to version 1.270 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z versions prior to 1.030, update to version 1.030 or later. For Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A versions prior to 1.031, update to version 1.031 or later. For Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z version 1.000, update to a version later than 1.000.