PT-2021-15: Denial of Service when Processing File with Incorrect Header Content in FX5U(C) CPU and FX5UJ CPU modules

FX5U(C) CPU and FX5UJ CPU modules

Severity level

Severity level: Medium
Impact: Denial of Service when Processing File with Incorrect Header Content in FX5U(C) CPU and FX5UJ CPU modules
Access Vector: Remote

CVSS v3.0
Base Score: 5,3
Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVE-2022-25162

Vulnerability description:

The vulnerability of the FX5U(C) CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with processing file with incorrect header content. Exploitation of the vulnerability allows an attacker to implement a Denial of Service when creating a file with a nonstandard structure and writing an incorrect header to it.

Advisory status

15.12.2021 - Vendor gets vulnerability details
17.05.2022 - Security advisory publication date (https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-004_en.pdf)

Credits

The vulnerability was detected by Anton Dorfman (Positive Technologies)

Threatscape