QID 590708

Date Published: 2022-07-18

QID 590708: Mitsubishi Electric Air Conditioning System Vulnerability (ICSA-21-182-04)

AFFECTED PRODUCTS
Mitsubishi Electric reports this vulnerability affects the following air conditioning systems:
Air Conditioning System / Centralized Controllers affected:


G-50A: Version 2.50 to Version 3.35
GB-50A: Version 2.50 to Version 3.35
AG-150A-A: Versions 3.20 and prior
AG-150A-J: Versions 3.20 and prior
GB-50ADA-A: Versions 3.20 and prior
GB-50ADA-J: Versions 3.20 and prior
EB-50GU-A: Versions 7.09 and prior
EB-50GU-J: Versions 7.09 and prior
AE-200A: Versions 7.93 and prior
AE-200E: Versions 7.93 and prior
AE-50A: Versions 7.93 and prior
AE-50E: Versions 7.93 and prior
EW-50A: Versions 7.93 and prior
EW-50E: Versions 7.93 and prior
TE-200A: Versions 7.93 and prior
TE-50A: Versions 7.93 and prior
TW-50A: Versions 7.93 and prior
CMS-RMD-J: Versions 1.30 and prior

An attacker could exploit this vulnerability by impersonating administrators to disclose configuration information of the air conditioning system in order to tamper with operation information and system configuration.

  • CVSS V3 rated as High - 7.1 severity.
  • CVSS V2 rated as Medium - 5.5 severity.

Solution

Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-21-182-04 for affected packages and patching details.
Air Conditioning System / Expansion Controllers are affected:

Vendor References

CVEs related to QID 590708

Software Advisories
Advisory ID Software Component Link
ICSA-21-182-04 www.us-cert.gov/ics/advisories/ICSA-21-182-04