PT-2021-15: Denial of Service when Processing File with Incorrect Header Content in FX5U(C) CPU and FX5UJ CPU modules FX5U(C) CPU and FX5UJ CPU modules Severity level Severity level: Medium Impact: Denial of Service when Processing File with Incorrect Header Content in FX5U(C) CPU and FX5UJ CPU modules Access Vector: Remote CVSS v3.0 Base Score: 5,3 Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) CVE-2022-25162 Vulnerability description:The vulnerability of the FX5U(C) CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with processing file with incorrect header content. Exploitation of the vulnerability allows an attacker to implement a Denial of Service when creating a file with a nonstandard structure and writing an incorrect header to it. Advisory status 15.12.2021 - Vendor gets vulnerability details 17.05.2022 - Security advisory publication date (https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-004_en.pdf) Credits The vulnerability was detected by Anton Dorfman (Positive Technologies)