CVE-2022-33324

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions 32 and prior Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 65 and prior Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 29 and prior Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions 08 and prior Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions 17 and prior Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions 05 and prior Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions 07 and prior

Description The issue allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Recommendations For Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions 32 and prior, update to a version later than 32. For Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 65 and prior, update to a version later than 65. For Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 29 and prior, update to a version later than 29. For Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions 08 and prior, update to a version later than 08. For Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions 17 and prior, update to a version later than 17. For Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions 05 and prior, update to a version later than 05. For Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions 07 and prior, update to a version later than 07.