CVE-2022-24296
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditioning System GB-50ADA-A Ver. 3.21 and prior, Air Conditioning System GB-50ADA-J Ver. 3.21 and prior, Air Conditioning System EB-50GU-A Ver. 7.10 and prior, Air Conditioning System EB-50GU-J Ver. 7.10 and prior, Air Conditioning System AE-200J Ver. 7.97 and prior, Air Conditioning System AE-200A Ver. 7.97 and prior, Air Conditioning System AE-200E Ver. 7.97 and prior, Air Conditioning System AE-50J Ver. 7.97 and prior, Air Conditioning System AE-50A Ver. 7.97 and prior, Air Conditioning System AE-50E Ver. 7.97 and prior, Air Conditioning System EW-50J Ver. 7.97 and prior, Air Conditioning System EW-50A Ver. 7.97 and prior, Air Conditioning System EW-50E Ver. 7.97 and prior, Air Conditioning System TE-200A Ver. 7.97 and prior, Air Conditioning System TE-50A Ver. 7.97 and prior and Air Conditioning System TW-50A Ver. 7.97 and prior allows a remote unauthenticated attacker to cause a disclosure of encrypted message of the air conditioning systems by sniffing encrypted communications.
EPSS 0.24% · 47.3th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mitsubishi | ew-50a_firmware | 0 |
| mitsubishi | eb-50gu-j_firmware | 0 |
| n/a | Air Conditioning System G-150AD; Air Conditioning System AG-150A-A; Air Conditioning System AG-150A-J; Air Conditioning System GB-50AD; Air Conditioning System GB-50ADA-A; Air Conditioning System GB-50ADA-J; Air Conditioning System EB-50GU-A; Air Conditioning System EB-50GU-J; Air Conditioning System AE-200J; Air Conditioning System AE-200A; Air Conditioning System AE-200E; Air Conditioning System AE-50J; Air Conditioning System AE-50A; Air Conditioning System AE-50E; Air Conditioning System EW-50J; Air Conditioning System EW-50A; Air Conditioning System EW-50E; Air Conditioning System TE-200A; Air Conditioning System TE-50A; Air Conditioning System TW-50A | Air Conditioning System EW-50E Ver. 7.97 and prior, Air Conditioning System AE-200J Ver. 7.97 and prior, Air Conditioning System AE-200A Ver. 7.97 and prior |
| mitsubishi | ag-150a-j_firmware | 0 |
| mitsubishi | ae-200j_firmware | 0 |
| mitsubishi | te-200a_firmware | 0 |
| mitsubishi | te-50a_firmware | 0 |
| mitsubishi | ag-150a-a_firmware | 0 |
| mitsubishi | ew-50e_firmware | 0 |
| mitsubishi | gb-50ada-j_firmware | 0 |
| mitsubishi | ae-200e_firmware | 0 |
| mitsubishi | tw-50a_firmware | 0 |
| mitsubishi | eb-50gu-a_firmware | 0 |
| mitsubishi | gb-50a_firmware | 0 |
| mitsubishi | g-150ad_firmware | 0 |
| mitsubishi | ae-50e_firmware | 0 |
| mitsubishi | ae-200a_firmware | 0 |
| mitsubishi | gb-50ada-a_firmware | 0 |
| mitsubishi | ae-50a_firmware | 0 |
| mitsubishi | ae-50j_firmware | 0 |
…and 1 more
Exploit Intelligence
Timeline
- Jun 8, 2022 CVE Published
- Jun 9, 2022 EPSS Score
- Jul 28, 2022 EPSS Score
- Sep 15, 2022 EPSS Score
- Nov 2, 2022 EPSS Score
- Dec 20, 2022 EPSS Score
- Feb 6, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 27, 2023 EPSS Score
- May 14, 2023 EPSS Score
- Jul 1, 2023 EPSS Score
- Aug 18, 2023 EPSS Score