{"vulnerability": "CVE-2022-2982", "sightings": [{"uuid": "229be4e7-3866-4d79-8898-a032e3e6952c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29826", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13484", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-29826\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.\n\ud83d\udccf Published: 2022-11-24T23:22:21.828Z\n\ud83d\udccf Modified: 2025-04-25T17:51:52.195Z\n\ud83d\udd17 References:\n1. https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf\n2. https://jvn.jp/vu/JVNVU97244961/index.html\n3. https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05", "creation_timestamp": "2025-04-25T18:08:17.000000Z"}, {"uuid": "8e79db1a-a962-44da-8b79-b7a0424b004f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29825", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13483", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-29825\n\ud83d\udd25 CVSS Score: 5.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U and GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C allows an unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.\n\ud83d\udccf Published: 2022-11-24T23:21:54.776Z\n\ud83d\udccf Modified: 2025-04-25T17:52:21.905Z\n\ud83d\udd17 References:\n1. https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf\n2. https://jvn.jp/vu/JVNVU97244961/index.html\n3. https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05", "creation_timestamp": "2025-04-25T18:08:16.000000Z"}, {"uuid": "31419cb0-0357-4c5b-b313-9143ac08c732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29828", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13486", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-29828\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally.\n\ud83d\udccf Published: 2022-11-24T23:23:04.141Z\n\ud83d\udccf Modified: 2025-04-25T17:51:05.762Z\n\ud83d\udd17 References:\n1. https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf\n2. https://jvn.jp/vu/JVNVU97244961/index.html\n3. https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05", "creation_timestamp": "2025-04-25T18:08:21.000000Z"}, {"uuid": "fab8da77-8150-4ac9-9498-10da6dc5c315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29827", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13485", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-29827\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally.\n\ud83d\udccf Published: 2022-11-24T23:22:43.489Z\n\ud83d\udccf Modified: 2025-04-25T17:51:32.509Z\n\ud83d\udd17 References:\n1. https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf\n2. https://jvn.jp/vu/JVNVU97244961/index.html\n3. https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05", "creation_timestamp": "2025-04-25T18:08:17.000000Z"}, {"uuid": "bb0b6048-7d51-4ced-8ff2-6b033a97da33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2982", "type": "seen", "source": "https://t.me/cibsecurity/48818", "content": "\u203c CVE-2022-2982 \u203c\n\nUse After Free in GitHub repository vim/vim prior to 9.0.0259.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-26T00:24:08.000000Z"}, {"uuid": "10af098f-9458-4466-ba99-a3843d62f56c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29825", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/728", "content": "\u06a9\u0634\u0641 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc Mitsubishi Electric GX Works3 PLC \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u0631\u062f \u06a9\u062f \u0634\u062f\u0647 \u0627\u0633\u062a. \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f\n\nBDU: 2023-01472\nCVE-2022-29825\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u0635\u0646\u0639\u062a\u06cc.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u062d\u0627\u0641\u0638\u062a \u0636\u062f \u0648\u06cc\u0631\u0648\u0633\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631 (VPN \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0647 \u0645\u062d\u0635\u0648\u0644 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\nhttps://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-03-30T20:05:02.000000Z"}, {"uuid": "3a665b15-7afc-4f9e-896a-879064ea6d98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29821", "type": "seen", "source": "https://t.me/cibsecurity/41554", "content": "\u203c CVE-2022-29821 \u203c\n\nIn JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:19.000000Z"}, {"uuid": "be499493-13a2-4928-a675-1fe1a94b90ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29820", "type": "seen", "source": "https://t.me/cibsecurity/41557", "content": "\u203c CVE-2022-29820 \u203c\n\nIn JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:23.000000Z"}, {"uuid": "60167c12-d0f2-47f7-8e19-81eb72810c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29824", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6126", "content": "#exploit\n1. Chromium v8 js engine - UAF in x64 Instruction Optimization Vulnerability Analysis\nhttps://infosecwriteups.com/zero-day-vulnerability-chromium-v8-js-engine-issue-1303458-use-after-free-in-x64-instruction-e874419436a6\n2. CVE-2022-29824:\nheap-buffer-overflow in xmlBufAdd\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2272", "creation_timestamp": "2022-06-03T11:31:01.000000Z"}]}