CVE-2022-40267
CVE-2022-40267 is a medium-severity vulnerability in Mitsubishielectric Fx5u-80mt/ess Firmware with a CVSS 3.x base score of 5.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-335.
Key facts
- Severity: Medium (CVSS 3.x base score 5.9)
- EPSS exploit prediction: 1% (64th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-335
- Affected product: Mitsubishielectric Fx5u-80mt/ess Firmware
- Published:
- Last modified:
Description
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers.
Frequently asked questions
- What is CVE-2022-40267?
- Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers.
- How severe is CVE-2022-40267?
- CVE-2022-40267 has a CVSS 3.x base score of 5.9, rated medium severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability none.
- Is CVE-2022-40267 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (64th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2022-40267?
- CVE-2022-40267 primarily affects Mitsubishielectric Fx5u-80mt/ess Firmware. In total, 53 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2022-40267?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2022-40267 published?
- CVE-2022-40267 was published on 2023-01-20 and last updated on 2026-06-17.
References
- https://jvn.jp/vu/JVNVU99673580/index.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1646
Affected products (53)
- cpe:2.3:o:mitsubishielectric:fx5u-80mt\/ess_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5u-32mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5u-64mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5u-80mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-64mt\/d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-96mt\/d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-64mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-96mt\/dss_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/ds-ts_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-32mt\/dss-ts_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uc-32mr\/ds-ts_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-24mr\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-40mr\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-60mr\/es_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/ess_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/ess_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/ess_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-24mt\/es-a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-40mt\/es-a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-60mt\/es-a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-24mr\/es-a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:mitsubishielectric:fx5uj-40mr\/es-a_firmware:*:*:*:*:*:*:*:*
More vulnerabilities in Mitsubishielectric Fx5u-80mt/ess Firmware
- CVE-2023-4699 — Critical (CVSS 10.0): Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU…
- CVE-2023-4625 — Medium (CVSS 5.3): Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC…
All CVEs affecting Mitsubishielectric Fx5u-80mt/ess Firmware →
Other CWE-335 vulnerabilities
- CVE-2024-36048 — Critical (CVSS 9.8): QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6,…
- CVE-2023-4472 — Critical (CVSS 9.8): Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator (PRNG) coupled…
- CVE-2012-1577 — Critical (CVSS 9.8): lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
- CVE-2019-11495 — Critical (CVSS 9.8): In Couchbase Server 5.1.1, the cookie used for intra-node communication was not generated securely. Couchbase Server…
- CVE-2019-10908 — Critical (CVSS 9.8): In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which…
- CVE-2017-11519 — Critical (CVSS 9.8): passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging…