Vulnerabilities > CVE-2022-33323 - Unspecified vulnerability in Mitsubishielectric products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial robot MELFA SD/SQ Series and MELFA F-Series allows a remote unauthenticated attacker to gain unauthorized access by authentication bypass through an unauthorized telnet login. As for the affected model names, controller types and firmware versions, see the Mitsubishi Electric's advisory which is listed in [References] section.
Vulnerable Configurations
References
- https://jvn.jp/vu/JVNVU94588481/index.html
- https://jvn.jp/vu/JVNVU94588481/index.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-05
- https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-05
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-020_en.pdf
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-020_en.pdf