high
7.5
CWE
404
Advisory Published
Updated

CVE-2022-33324: Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series

First published: Fri Dec 23 2022(Updated: )

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions "29" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions "08" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V Firmware versions "17" and prior, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU Firmware versions "05" and prior and Mitsubishi Electric Corporation MELIPC Series MI5122-VW Firmware versions "07" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected SoftwareAffected VersionHow to fix
Mitsubishi Melsec Iq-r R00 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R00 Cpu Firmware
Mitsubishi Melsec Iq-r R01 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R01 Cpu Firmware
Mitsubishi Melsec Iq-r R02 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R02 Cpu
Mitsubishi Melsec Iq-r R04 Pcpu Firmware<66.0
Mitsubishi Melsec Iq-r R04 Cpu Firmware
Mitsubishi Melsec Iq-r R08 Cpu Firmware<66.0
Mitsubishi Melsec Iq-r R08 Cpu Firmware
Mitsubishi Melsec Iq-r R16 Cpu Firmware<66.0
Mitsubishi Melsec Iq-r R16 Cpu
Mitsubishi Melsec Iq-r R32 CPU<66.0
Mitsubishi Melsec Iq-r R32 Cpu Firmware
Mitsubishi Melsec Iq-r R120 Cpu<66.0
Mitsubishi Melsec Iq-r R120 Cpu Firmware
Mitsubishi Melsec Iq-r R04 Sfcpu
Mitsubishi Melsec Iq-r R04 Sfcpu
Mitsubishi Melsec Iq-r R08 Cpu Firmware
Mitsubishi Melsec Iq-r R08 Sfcpu Firmware
Mitsubishi Melsec Iq-r R120 Sfcpu
Mitsubishi Melsec Iq-r R120 Cpu
Mitsubishi Melsec Iq-r R16 Sfcpu
Mitsubishi Melsec Iq-r R16 Sfcpu Firmware
Mitsubishi Melsec Iq-r R32 Sfcpu
Mitsubishi Melsec Iq-r R32 Sfcpu Firmware
Mitsubishi Melsec Iq-r R12 Ccpu-v
Mitsubishi Melsec Iq-r R12 Ccpu-v Firmware
Mitsubishi Electric Mi5122-vw Firmware
Mitsubishi Melipc Mi5122-vw Firmware
Mitsubishi Melsec Iq-l L04 Hcpu
Mitsubishi Melsec Iq-l L04 Hcpu Firmware
Mitsubishi Melsec Iq-l L08 Hcpu
Mitsubishi Melsec Iq-l L08 Hcpu Firmware
Mitsubishi Melsec Iq-l L16 Hcpu
Mitsubishi Melsec Iq-l L16 Hcpu Firmware
Mitsubishi Melsec Iq-l L32 Hcpu
Mitsubishi Melsec Iq-l L32 Hcpu Firmware
All of
Mitsubishi Melsec Iq-r R00 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R00 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R01 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R01 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R02 Cpu Firmware<33.0
Mitsubishi Melsec Iq-r R02 Cpu
All of
Mitsubishi Melsec Iq-r R04 Pcpu Firmware<66.0
Mitsubishi Melsec Iq-r R04 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R08 Cpu Firmware<66.0
Mitsubishi Melsec Iq-r R08 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R16 Cpu Firmware<66.0
Mitsubishi Melsec Iq-r R16 Cpu
All of
Mitsubishi Melsec Iq-r R32 CPU<66.0
Mitsubishi Melsec Iq-r R32 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R120 Cpu<66.0
Mitsubishi Melsec Iq-r R120 Cpu Firmware
All of
Mitsubishi Melsec Iq-r R04 Sfcpu
Mitsubishi Melsec Iq-r R04 Sfcpu
All of
Mitsubishi Melsec Iq-r R08 Cpu Firmware
Mitsubishi Melsec Iq-r R08 Sfcpu Firmware
All of
Mitsubishi Melsec Iq-r R120 Sfcpu
Mitsubishi Melsec Iq-r R120 Cpu
All of
Mitsubishi Melsec Iq-r R16 Sfcpu
Mitsubishi Melsec Iq-r R16 Sfcpu Firmware
All of
Mitsubishi Melsec Iq-r R32 Sfcpu
Mitsubishi Melsec Iq-r R32 Sfcpu Firmware
All of
Mitsubishi Melsec Iq-r R12 Ccpu-v
Mitsubishi Melsec Iq-r R12 Ccpu-v Firmware
All of
Mitsubishi Electric Mi5122-vw Firmware
Mitsubishi Melipc Mi5122-vw Firmware
All of
Mitsubishi Melsec Iq-l L04 Hcpu
Mitsubishi Melsec Iq-l L04 Hcpu Firmware
All of
Mitsubishi Melsec Iq-l L08 Hcpu
Mitsubishi Melsec Iq-l L08 Hcpu Firmware
All of
Mitsubishi Melsec Iq-l L16 Hcpu
Mitsubishi Melsec Iq-l L16 Hcpu Firmware
All of
Mitsubishi Melsec Iq-l L32 Hcpu
Mitsubishi Melsec Iq-l L32 Hcpu Firmware

Remedy

https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID?

    The vulnerability ID is CVE-2022-33324.

  • What is the severity of CVE-2022-33324?

    The severity of CVE-2022-33324 is high with a severity value of 7.5.

  • Which software versions are affected by CVE-2022-33324?

    Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior are affected by CVE-2022-33324.

  • How can I fix CVE-2022-33324?

    To fix CVE-2022-33324, it is recommended to update the affected software versions to a version higher than "33.0" for R00/01/02CPU Firmware and higher than "66.0" for R04/08/16/32/120(EN)CPU Firmware.

  • Where can I find more information about CVE-2022-33324?

    You can find more information about CVE-2022-33324 at the following references: [CVE-2022-33324](https://jvn.jp/vu/JVNVU96883262), [CISA Advisory](https://www.cisa.gov/uscert/ics/advisories/icsa-22-356-03), [Mitsubishi Electric PSIRT](https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-018_en.pdf).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203