CVE-2022-24296
Summary
| CVE | CVE-2022-24296 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-06-08 15:15:00 UTC |
| Updated | 2022-06-17 15:36:00 UTC |
| Description | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditioning System GB-50ADA-A Ver. 3.21 and prior, Air Conditioning System GB-50ADA-J Ver. 3.21 and prior, Air Conditioning System EB-50GU-A Ver. 7.10 and prior, Air Conditioning System EB-50GU-J Ver. 7.10 and prior, Air Conditioning System AE-200J Ver. 7.97 and prior, Air Conditioning System AE-200A Ver. 7.97 and prior, Air Conditioning System AE-200E Ver. 7.97 and prior, Air Conditioning System AE-50J Ver. 7.97 and prior, Air Conditioning System AE-50A Ver. 7.97 and prior, Air Conditioning System AE-50E Ver. 7.97 and prior, Air Conditioning System EW-50J Ver. 7.97 and prior, Air Conditioning System EW-50A Ver. 7.97 and prior, Air Conditioning System EW-50E Ver. 7.97 and prior, Air Conditioning System TE-200A Ver. 7.97 and prior, Air Conditioning System TE-50A Ver. 7.97 and prior and Air Conditioning System TW-50A Ver. 7.97 and prior allows a remote unauthenticated attacker to cause a disclosure of encrypted message of the air conditioning systems by sniffing encrypted communications. |
Risk And Classification
Problem Types: CWE-327
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Mitsubishi | Ae-200a | - | All | All | All |
| Operating System | Mitsubishi | Ae-200a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ae-200e | - | All | All | All |
| Operating System | Mitsubishi | Ae-200e Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ae-200j | - | All | All | All |
| Operating System | Mitsubishi | Ae-200j Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ae-50a | - | All | All | All |
| Operating System | Mitsubishi | Ae-50a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ae-50e | - | All | All | All |
| Operating System | Mitsubishi | Ae-50e Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ae-50j | - | All | All | All |
| Operating System | Mitsubishi | Ae-50j Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ag-150a-a | - | All | All | All |
| Operating System | Mitsubishi | Ag-150a-a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ag-150a-j | - | All | All | All |
| Operating System | Mitsubishi | Ag-150a-j Firmware | All | All | All | All |
| Hardware | Mitsubishi | Eb-50gu-a | - | All | All | All |
| Operating System | Mitsubishi | Eb-50gu-a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Eb-50gu-j | - | All | All | All |
| Operating System | Mitsubishi | Eb-50gu-j Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ew-50a | - | All | All | All |
| Operating System | Mitsubishi | Ew-50a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ew-50e | - | All | All | All |
| Operating System | Mitsubishi | Ew-50e Firmware | All | All | All | All |
| Hardware | Mitsubishi | Ew-50j | - | All | All | All |
| Operating System | Mitsubishi | Ew-50j Firmware | All | All | All | All |
| Hardware | Mitsubishi | G-150ad | - | All | All | All |
| Operating System | Mitsubishi | G-150ad Firmware | All | All | All | All |
| Hardware | Mitsubishi | Gb-50a | - | All | All | All |
| Hardware | Mitsubishi | Gb-50ada-a | - | All | All | All |
| Operating System | Mitsubishi | Gb-50ada-a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Gb-50ada-j | - | All | All | All |
| Operating System | Mitsubishi | Gb-50ada-j Firmware | All | All | All | All |
| Operating System | Mitsubishi | Gb-50a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Te-200a | - | All | All | All |
| Operating System | Mitsubishi | Te-200a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Te-50a | - | All | All | All |
| Operating System | Mitsubishi | Te-50a Firmware | All | All | All | All |
| Hardware | Mitsubishi | Tw-50a | - | All | All | All |
| Operating System | Mitsubishi | Tw-50a Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVNVU#95298925: 三菱電機製の空調管理システムにおける複数の脆弱性 | MISC | jvn.jp | |
| www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf | MISC | www.mitsubishielectric.com | |
| www.mee.co.jp/psirt/vulnerability/pdf/2022-001.pdf | MISC | www.mee.co.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 591186 Mitsubishi Electric Air Conditioning Systems Multiple Vulnerabilities (ICSA-22-160-01)