SB2022040408 - Multiple vulnerabilities in Mitsubishi Electric FA Products
Published: April 4, 2022 Updated: June 2, 2022
Description
This security bulletin contains information about 6 security vulnerabilities.
1) Use of Password Hash Instead of Password for Authentication (CVE-ID: CVE-2022-25155)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the use of a password hash instead of a password for authentication. A remote attacker can log in to the product by replaying an eavesdropped password hash.
2) Reversible One-Way Hash (CVE-ID: CVE-2022-25156)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the use of a weak hash. A remote attacker can log in to the product by using a password reversed from an eavesdropped password hash.
3) Use of Password Hash Instead of Password for Authentication (CVE-ID: CVE-2022-25157)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the use of a password hash instead of a password for authentication. A remote attacker can disclose or tamper with the information in the product by using an eavesdropped password hash.
4) Cleartext storage of sensitive information (CVE-ID: CVE-2022-25158)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the password hash is saved in cleartext. A remote attacker can disclose or tamper with a file.
5) Authentication Bypass by Capture-replay (CVE-ID: CVE-2022-25159)
The vulnerability allows a remote attacker to bypass the authentication process.
The vulnerability exists due to an error when processing authentication requests. A remote attacker can log in to the product by a replay attack.
6) Cleartext storage of sensitive information (CVE-ID: CVE-2022-25160)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the password hash is saved in cleartext. A remote attacker can disclose a file in a legitimate user's product by using previously eavesdropped cleartext information and counterfeit a legitimate user's system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://jvn.jp/vu/JVNVU96577897/index.html
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-08/
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-09/
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-10/
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-11/
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-12/
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2021-13/