medium
6.1
CWE
79
Advisory Published
Updated

CVE-2022-33322: XSS

First published: Tue Nov 08 2022(Updated: )

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator, Smart Switch and Air Purifier) allows a remote unauthenticated attacker to execute an malicious script on a user's browser to disclose information, etc. The wide range of models/versions of Mitsubishi Electric consumer electronics products are affected by this vulnerability. As for the affected product models/versions, see the Mitsubishi Electric's advisory which is listed in [References] section.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected SoftwareAffected VersionHow to fix
Mitsubishielectric Mac-587if-e Firmware<=35.00
Mitsubishielectric Mac-587if-e Firmware
Mitsubishi Electric MAC-587IF2-E<=35.00
Mitsubishi Electric MAC-587IF2-E
Mitsubishielectric Mac-507if-e Firmware<=35.00
Mitsubishi Electric MAC-507IF-E
Mitsubishielectric Mac-588if-e Firmware<=35.00
Mitsubishi Electric MAC-588IF-E
Mitsubishi Electric S-MAC-002IF<=35.00
Mitsubishi Electric S-MAC-002IF
Mitsubishi Electric MA-EW85S-E Firmware<=80.00
Mitsubishi Electric MA-EW85S-UK Firmware
Mitsubishi Electric MA-EW85S-UK Firmware<=80.00
Mitsubishi Electric MA-EW85S-UK Firmware
Mitsubishielectric Mfz-gxt50/60/73vfk Firmware<=35.00
Mitsubishi Electric MFZ-GXT50/60/73VFK
Mitsubishielectric Mfz-xt50/60vfk Firmware<=35.00
Mitsubishi Electric MFZ-XT50/60VFK
Mitsubishi Electric Msxy-fp05/07/10/13/18/20/24vgk-sg1 Firmware<=35.00
Mitsubishi Electric MSXY-FP05/07/10/13/18/20/24VGK-SG1
Mitsubishielectric Msy-gp10/13/15/18/20/24vfk-sg1 Firmware<=35.00
Mitsubishi Electric MSY-GP10/13/15/18/20/24VFK-SG1
Mitsubishielectric Msz-ap15/20/25/35/42/50/60/71vgk-e2 Firmware<=35.00
Mitsubishi Electric MSZ-AP15/20/25/35/42/50/60/71VGK-E2
Mitsubishielectric Msz-ap15/20/25/35/42/50/60/71vgk-er2 Firmware<=35.00
Mitsubishi Electric MSZ-AP15/20/25/35/42/50/60/71VGK-ER2
Mitsubishielectric Msz-ap15/20/25/35/42/50/60/71vgk-et2 Firmware<=35.00
Mitsubishi Electric MSZ-AP15/20/25/35/42/50/60/71VGK-ET2
Mitsubishi Electric MSZ-AP22/25/35/42/50/60/71/80VGKD-A2 Firmware<=35.00
Mitsubishi Electric MSZ-AP Series
Mitsubishielectric Msz-ap22/25/35/42/50/61/70/80vgkd-a1 Firmware<=35.00
Mitsubishielectric Msz-ap22/25/35/42/50/61/70/80vgkd-a1
Mitsubishielectric Msz-ap25/35/42/50/60/71vgk-e3 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50/60/71VGK-E3
Mitsubishielectric Msz-ap25/35/42/50/60/71vgk-er3 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50/60/71VGK-ER3
Mitsubishi Electric MSZ-AP25/35/42/50/60/71VGK-ET3 Firmware<=35.00
Mitsubishielectric Msz-ap25/35/42/50/60/71vgk-et3
Mitsubishi Electric MSZ-AP25/35/42/50VGK-E1 Firmware<=35.00
Mitsubishi Electric MSZ-AP series
Mitsubishielectric Msz-ap25/35/42/50vgk-e7 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50 VGK-E7
Mitsubishi Electric MSZ-AP25/35/42/50VGK-E8 Firmware<=35.00
Mitsubishielectric Msz-ap25/35/42/50vgk-e8
Mitsubishielectric Msz-ap25/35/42/50vgk-en1 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50VGK-EN1
Mitsubishielectric Msz-ap25/35/42/50vgk-en2 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50VGK-EN2
Mitsubishielectric Msz-ap25/35/42/50vgk-en3 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50VGK-EN3
Mitsubishielectric Msz-ap25/35/42/50vgk-er1 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50VGK-ER1
Mitsubishielectric Msz-ap25/35/42/50vgk-et1 Firmware<=35.00
Mitsubishi Electric MSZ-AP25/35/42/50VGK-ET1
Mitsubishi Electric MSZ-AY25/35/42/50VGK-E1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGK-E1
Mitsubishielectric Msz-ay25/35/42/50vgk-e6 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGK-E6
Mitsubishielectric Msz-ay25/35/42/50vgk-er1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGK-ER1
Mitsubishi Electric MSZ-AY25/35/42/50VGK-ET1 Firmware<=35.00
Mitsubishielectric Msz-ay25/35/42/50vgk-et1
Mitsubishi Electric MSZ-AY25/35/42/50VGK-SC1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGK-SC1
Mitsubishielectric Msz-ay25/35/42/50vgkp-e6 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGKP-E6
Mitsubishielectric Msz-ay25/35/42/50vgkp-er1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGKP-ER1
Mitsubishielectric Msz-ay25/35/42/50vgkp-et1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGKP-ET1
Mitsubishielectric Msz-ay25/35/42/50vgkp-sc1 Firmware<=35.00
Mitsubishi Electric MSZ-AY25/35/42/50VGKP-SC1
Mitsubishi Electric MSZ-BT20/25/35/50VGK-E1 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-E1
Mitsubishielectric Msz-bt20/25/35/50vgk-e2 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-E2
Mitsubishielectric Msz-bt20/25/35/50vgk-e3 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-E3
Mitsubishielectric Msz-bt20/25/35/50vgk-er1 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-ER1
Mitsubishielectric Msz-bt20/25/35/50vgk-er2 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-ER2
Mitsubishielectric Msz-bt20/25/35/50vgk-et1 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-ET1
Mitsubishielectric Msz-bt20/25/35/50vgk-et2 Firmware<=35.00
Mitsubishi Electric MSZ-BT20/25/35/50VGK-ET2
Mitsubishielectric Msz-bt20/25/35/50vgk-et3 Firmware<=35.00
Mitsubishielectric Msz-bt20/25/35/50vgk-et3
Mitsubishielectric Msz-ef18/22/25/35/42/50vgkb-e1 Firmware<=35.00
Mitsubishi Electric MSZ-EF18/22/25/35/42/50VGKB-E1
Mitsubishielectric Msz-ef18/22/25/35/42/50vgkb-e2 Firmware<=35.00
Mitsubishi Electric MSZ-EF18/22/25/35/42/50VGKB-E2
Mitsubishielectric Msz-ef18/22/25/35/42/50vgks-e1 Firmware<=35.00
Mitsubishi Electric MSZ-EF 18/22/25/35/42/50 VGKS-E1
Mitsubishi Electric MSZ-EF18/22/25/35/42/50VGKS-E2 Firmware<=35.00
Mitsubishielectric Msz-ef18/22/25/35/42/50vgks-e2
Mitsubishielectric Msz-ef18/22/25/35/42/50vgkw-e1 Firmware<=35.00
Mitsubishi Electric MSZ-EF18/22/25/35/42/50VGKW-E1
Mitsubishielectric Msz-ef18/22/25/35/42/50vgkw-e2 Firmware<=35.00
Mitsubishielectric Msz-ef18/22/25/35/42/50vgkw-e2
Mitsubishielectric Msz-ef22/25/35/42/50vgkb-a1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-A1
Mitsubishielectric Msz-ef22/25/35/42/50vgkb-er1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-ER1
Mitsubishi Electric MSZ-EF 22/25/35/42/50 VGKB-ER2 Firmware<=35.00
Mitsubishielectric Msz-ef22/25/35/42/50vgkb-er2
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-ET1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-ET1
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-ET2 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKB-ET2
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKS-A1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKS-A1
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKS-ER1 Firmware<=35.00
Mitsubishi Electric MSZ-EF 22/25/35/42/50VGKS-ER1
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKS-ER2 Firmware<=35.00
Mitsubishielectric Msz-ef22/25/35/42/50vgks-er2
Mitsubishielectric Msz-ef22/25/35/42/50vgks-et1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKS-ET1
Mitsubishielectric Msz-ef22/25/35/42/50vgks-et2 Firmware<=35.00
Mitsubishi Electric Msz-EF22/25/35/42/50VGKS-ET2
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-a1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKW-A1
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-er1 Firmware<=35.00
Mitsubishi Electric MSZ-EF22/25/35/42/50VGKW-ER1
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-er2 Firmware<=35.00
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-er2
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-et1 Firmware<=35.00
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-et1
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-et2 Firmware<=35.00
Mitsubishielectric Msz-ef22/25/35/42/50vgkw-et2
Mitsubishi Electric MSZ-EXA09/12VAK Firmware<=35.00
Mitsubishi Electric MSZ-EXA09/12VAK
Mitsubishielectric Msz-eza09/12vak Firmware<=35.00
Mitsubishi Electric MSZ-EZA09/12VAK
Mitsubishielectric Msz-ft25/35/50vgk-e1 Firmware<=35.00
Mitsubishi Electric MSZ-FT25/35/50VGK-E1
Mitsubishi Electric MSZ-FT25/35/50VGK-E2 Firmware<=35.00
Mitsubishi Electric MSZ-FT25/35/50VGK-E2
Mitsubishi Electric MSZ-FT25/35/50VGK-ET1 Firmware<=35.00
Mitsubishi Electric MSZ-FT25/35/50VGK-ET1
Mitsubishielectric Msz-ft25/35/50vgk-sc1 Firmware<=35.00
Mitsubishi Electric MSZ-FT25/35/50VGK-SC1
Mitsubishi Electric MSZ-FT25/35/50VGK-SC2 Firmware<=35.00
Mitsubishi Electric MSZ-FT25/35/50VGK-SC2
Mitsubishielectric Msz-gzy09/12/18vfk Firmware<=35.00
Mitsubishi Electric MSZ-GZY09/12/18VFK
Mitsubishi Electric MSZ-HR25/35/42/50/60/71VFK-E1 Firmware<=35.00
Mitsubishielectric Msz-hr25/35/42/50/60/71vfk-e1
Mitsubishielectric Msz-hr25/35/42/50/60/71vfk-er1 Firmware<=35.00
Mitsubishi Electric MSZ-HR25/35/42/50/60/71VFK-ER1
Mitsubishielectric Msz-hr25/35/42/50/60/71vfk-et1 Firmware<=35.00
Mitsubishi Electric MSZ-HR25/35/42/50/60/71VFK-ET1
Mitsubishi Electric MSZ-HR25/35/42/50VFK-E6 Firmware<=35.00
Mitsubishi Electric MSZ-HR25/35/42/50VFK-E6
Mitsubishi Electric MSZ-KY09/12/18VFK Firmware<=35.00
Mitsubishi Electric MSZ-KY09/12/18VFK
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2B-E2 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2B-E2
Mitsubishielectric Msz-ln18/25/35/50/60vg2b-e3 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2B-E3
Mitsubishielectric Msz-ln18/25/35/50/60vg2r-e2 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2R-E2
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2R-E3 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2R-E3
Mitsubishielectric Msz-ln18/25/35/50/60vg2v-e2 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2V-E2
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2V-E3 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2V-E3
Mitsubishielectric Msz-ln18/25/35/50/60vg2w-e2 Firmware<=35.00
Mitsubishielectric Msz-ln18/25/35/50/60vg2w-e2
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2W-E3 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2W-E3
Mitsubishielectric Msz-ln18/25/35/50/60vg2w-er2 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50/60VG2W-ER2
Mitsubishielectric Msz-ln18/25/35/50/60vg2w-et2 Firmware<=35.00
Mitsubishielectric Msz-ln18/25/35/50/60vg2w-et2
Mitsubishi Electric MSZ-LN18/25/35/50VG2W-SC1 Firmware<=35.00
Mitsubishi Electric MSZ-LN18/25/35/50VG2W-SC1
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-A2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-A2
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-ER2 Firmware<=35.00
Mitsubishielectric Msz-ln25/35/50/60vg2b-er2
Mitsubishielectric Msz-ln25/35/50/60vg2b-er3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-ER3
Mitsubishielectric Msz-ln25/35/50/60vg2b-et2 Firmware<=35.00
Mitsubishielectric Msz-ln25/35/50/60vg2b-et2
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-ET3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2B-ET3
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-A2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-A2
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-ER2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-ER2
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-ER3 Firmware<=35.00
Mitsubishielectric Msz-ln25/35/50/60vg2r-er3
Mitsubishielectric Msz-ln25/35/50/60vg2r-et2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-ET2
Mitsubishielectric Msz-ln25/35/50/60vg2r-et3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2R-ET3
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-A2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-A2
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ER2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ER2
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ER3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ER3
Mitsubishielectric Msz-ln25/35/50/60vg2v-et2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ET2
Mitsubishielectric Msz-ln25/35/50/60vg2v-et3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2V-ET3
Mitsubishielectric Msz-ln25/35/50/60vg2w-er3 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50/60VG2W-ER3
Mitsubishielectric Msz-ln25/35/50/60vg2w-et3 Firmware<=35.00
Mitsubishielectric Msz-ln25/35/50/60vg2w-et3
Mitsubishi Electric MSZ-LN25/35/50VG2B-EN2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2B-EN2
Mitsubishielectric Msz-ln25/35/50vg2b-sc1 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2B-SC1
Mitsubishielectric Msz-ln25/35/50vg2r-en2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2R-EN2
Mitsubishielectric Msz-ln25/35/50vg2r-sc1 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2R-SC1
Mitsubishi Electric MSZ-LN25/35/50VG2V-EN2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2V-EN2
Mitsubishielectric Msz-ln25/35/50vg2v-sc1 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2V-SC1
Mitsubishi Electric MSZ-LN25/35/50VG2W-EN2 Firmware<=35.00
Mitsubishi Electric MSZ-LN25/35/50VG2W-EN2
Mitsubishielectric Msz-rw25/35/50vg-e1 Firmware<=35.00
Mitsubishi Electric MSZ-RW25/35/50VG-E1
Mitsubishi Electric MSZ-RW25/35/50VG-ER1 Firmware<=35.00
Mitsubishielectric Msz-rw25/35/50vg-er1
Mitsubishielectric Msz-rw25/35/50vg-et1 Firmware<=35.00
Mitsubishi Electric MSZ-RW25/35/50VG-ET1
Mitsubishi Electric MSZ-RW25/35/50VG-SC1 Firmware<=35.00
Mitsubishielectric Msz-rw25/35/50vg-sc1
Mitsubishi Electric MSZ-WX18/20/25VFK Firmware<=35.00
Mitsubishi Electric Msz-wx18/20/25vfk
Mitsubishielectric Msz-zy09/12/18vfk Firmware<=35.00
Mitsubishi Electric MSZ-ZY09/12/18VFK

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-33322?

    CVE-2022-33322 is categorized as a high-severity cross-site scripting vulnerability.

  • How do I fix CVE-2022-33322?

    To fix CVE-2022-33322, update the affected Mitsubishi Electric products to the latest firmware version beyond 35.00.

  • Which products are affected by CVE-2022-33322?

    CVE-2022-33322 affects various Mitsubishi Electric consumer electronics, including air conditioning, Wi-Fi interfaces, refrigerators, and more.

  • What kind of vulnerability is CVE-2022-33322?

    CVE-2022-33322 is a cross-site scripting (XSS) vulnerability that may allow attackers to execute scripts on user browsers.

  • Is there a patch available for CVE-2022-33322?

    Yes, Mitsubishi Electric has released firmware updates that mitigate the vulnerability in CVE-2022-33322.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203