QID 591186
Date Published: 2022-11-18
QID 591186: Mitsubishi Electric Air Conditioning Systems Multiple Vulnerabilities (ICSA-22-160-01)
AFFECTED PRODUCTS
The firmware on the following Mitsubishi Electric products is affected:
G-150AD: Versions 3.21 and prior
AG-150A-A: Versions 3.21 and prior
AG-150A-J: Versions 3.21 and prior
GB-50AD: Versions 3.21 and prior
GB-50ADA-A: Versions 3.21 and prior
GB-50ADA-J: Versions 3.21 and prior
EB-50GU-A: Versions. 7.10 and prior
EB-50GU-J: Versions 7.10 and prior
AE-200J: Versions 7.97 and prior
AE-200A: Versions 7.97 and prior
AE-200E: Versions 7.97 and prior
AE-50J: Versions 7.97 and prior
AE-50A: Versions 7.97 and prior
AE-50E: Versions 7.97 and prior
EW-50J: Versions 7.97 and prior
EW-50A: Versions 7.97 and prior
EW-50E: Versions 7.97 and prior
TE-200A: Versions 7.97 and prior
TE-50A: Versions 7.97 and prior
TW-50A: Versions 7.97 and prior
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning
Successful exploitation of these vulnerabilities could allow an attacker to disclose or tamper data in communication between the air conditioning system and the external computers or cause a denial-of-service condition.
Customers are advised to refer to CERT MITIGATIONS section icsa-22-160-01 for affected packages and patching details.
- icsa-22-160-01 -
www.cisa.gov/uscert/ics/advisories/icsa-22-160-01
CVEs related to QID 591186
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-160-01 |
www.cisa.gov/uscert/ics/advisories/icsa-22-160-01 |