PT-2021-08: Possibility of authorization in Remote Password mechanism using password hash in FX5U(C) CPU and FX5UJ CPU modules FX5U(C) CPU and FX5UJ CPU modules Severity level Severity level: Medium Impact: Possibility of authorization in Remote Password mechanism using password hash Access Vector: Remote CVSS v3.0 Base Score: 5,9 Vector: (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) CVE-2022-25155 Vulnerability description:Exploiting the vulnerability of the FX5U(C) CPU and FX5U CPU modules of Mitsubishi Electric FA products may allow an attacker to perform authorization in Remote Password mechanism using password hash Advisory status 15.12.2021 - Vendor gets vulnerability details 31.03.2022 - Security advisory publication date (https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf ) Credits The vulnerability was detected by Anton Dorfman (Positive Technologies)