1. EXECUTIVE SUMMARY
- CVSS v3 6.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Mitsubishi Electric
- Equipment: CC-Link IE TSN Industrial Managed Switch
- Vulnerabilities: Observable Timing Discrepancy, Double Free
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in disclosure of information stored in the product by sending specially crafted packets, or could cause a denial-of-service (DoS) condition by getting a legitimate user to import a specially crafted certificate.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Mitsubishi Electric products are affected:
- CC-Link IE TSN Industrial Managed Switch, model NZ2MHG-TSNT8F2, NZ2MHG-TSNT4: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 OBSERVABLE TIMING DISCREPANCY CWE-208
An attacker could decrypt ciphertext and disclose sensitive information by sending specially crafted packets and performing a Bleichenbacher-style attack.
CVE-2022-4304 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.2 DOUBLE FREE CWE-415
An attacker could cause a denial-of-service (DoS) condition on the product by leading a legitimate user to import a malicious certificate.
CVE-2022-4450 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV
[…]