VDB
ICSA-22-160-01
ICSA-22-160-01
PUBLISHED
CVSS 3.0999999046325684 LOW
Successful exploitation of these vulnerabilities could allow an attacker to disclose or tamper data in communication between the air conditioning system and the external computers or cause a denial-of-service condition.
Risk Scores
CVSS 3.1
3.0999999046325684
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| TE-50A: Versions 7.97 and prior | ||
| GB-50ADA-A: Versions 3.21 and prior | ||
| AG-150A-A: Versions 3.21 and prior | ||
| GB-50AD: Versions 3.21 and prior | ||
| AE-50A: Versions 7.97 and prior | ||
| TE-200A: Versions 7.97 and prior | ||
| AE-200E: Versions 7.97 and prior | ||
| AE-50E: Versions 7.97 and prior | ||
| TW-50A: Versions 7.97 and prior | ||
| EB-50GU-A: Versions. 7.10 and prior | ||
| EW-50E: Versions 7.97 and prior | ||
| GB-50ADA-J: Versions 3.21 and prior | ||
| AE-200A: Versions 7.97 and prior | ||
| AG-150A-J: Versions 3.21 and prior | ||
| EW-50J: Versions 7.97 and prior | ||
| EW-50A: Versions 7.97 and prior | ||
| G-150AD: Versions 3.21 and prior | ||
| EB-50GU-J: Versions 7.10 and prior | ||
| AE-200J: Versions 7.97 and prior | ||
| AE-50J: Versions 7.97 and prior |
Timeline
- Jun 9, 2022 CVE Published
- Apr 11, 2025 PoC Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-160-01.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-160-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf fix