CVE-2020-14496

{"id": "CVE-2020-14496", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.6}]}, "published": "2022-05-19T18:15:08.360", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-275"}]}], "descriptions": [{"lang": "en", "value": "Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed."}, {"lang": "es", "value": "Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad para m\u00faltiples Productos Mitsubishi Electric Factory Automation Engineering Software de varias versiones podr\u00eda permitir a un atacante escalar privilegios y ejecutar programas maliciosos, lo que podr\u00eda causar una condici\u00f3n de denegaci\u00f3n de servicio, y permitir que la informaci\u00f3n sea divulgada, manipulada y/o destruida"}], "lastModified": "2022-06-07T21:15:13.723", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A02BE6-633A-4A94-890C-586B3A42E19F", "versionEndExcluding": "1.106k"}, {"criteria": "cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60875630-C0F2-434E-8D11-51B44F62CBA5", "versionEndExcluding": "1.011m"}, {"criteria": "cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE83331F-B795-410A-8510-351945025444", "versionEndExcluding": "3.41t"}, {"criteria": "cpe:2.3:a:mitsubishielectric:em_configurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0A01F0C-0B10-4906-9389-4D53AE3CD7FD", "versionEndExcluding": "1.015r"}, {"criteria": "cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9FFEA10-20FA-4B73-ACA5-AB7462820123", "versionEndExcluding": "4.6"}, {"criteria": "cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2877EB49-8A69-426B-B7EB-87DEF3975562", "versionEndExcluding": "1.23z"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_designer3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3393020-A6E6-431A-B572-E28948F6A970", "versionEndExcluding": "1.236w"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DC963D1-281A-48DE-B822-5254643C98E7", "versionEndExcluding": "3.245f"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20E2D739-F982-4ED4-ADFB-505777CF9888", "versionEndExcluding": "1.236w"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0809A627-EEC8-475E-997F-E3FAE2C39261", "versionEndExcluding": "1.106k"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F2B0AC1-1BEC-4D79-9995-527E3A770A66", "versionEndExcluding": "1.595v"}, {"criteria": "cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80BF474D-E018-4612-93FD-F3A661C13A6D", "versionEndExcluding": "1.065t"}, {"criteria": "cpe:2.3:a:mitsubishielectric:m_commdtm-hart:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C9ECB87-B07E-4E52-BF3F-8AD4AA03826B", "versionEndExcluding": "1.01b"}, {"criteria": "cpe:2.3:a:mitsubishielectric:m_commdtm-io-link:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50FA8FAD-3DF4-453C-A55C-5F622DD76460", "versionEndExcluding": "1.04e"}, {"criteria": "cpe:2.3:a:mitsubishielectric:melfa-works:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED888C84-4CD8-464A-A3A0-F623EB0F4920", "versionEndExcluding": "4.4"}, {"criteria": "cpe:2.3:a:mitsubishielectric:melsoft_fielddeviceconfigurator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE1E2976-38B4-4B1B-AC01-B3D8C26A1BB2", "versionEndExcluding": "1.04e"}, {"criteria": "cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01D32795-831A-43D6-9F90-82A67F5E9081", "versionEndExcluding": "2.70y"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mh11_settingtool_version2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A6DE218-D030-4DDF-B504-B176DFE7662A", "versionEndExcluding": "2.003d"}, {"criteria": "cpe:2.3:a:mitsubishielectric:motorizer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FD24F8E-869B-413A-9BF1-555CF827F3C9", "versionEndExcluding": "1.010l"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "470498DC-4A30-4EC2-B9C7-B5348D2F1381", "versionEndExcluding": "1.106l"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7926DBE1-335C-40E2-AD74-AE89DC9A0095", "versionEndExcluding": "1.160s"}, {"criteria": "cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCBBBA97-3C41-423F-8534-098070E49A97", "versionEndExcluding": "4.20w"}, {"criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc-link_ver.2_utility:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CFA2E01-1D66-40D6-8575-0E216376CC25", "versionEndExcluding": "1.24a"}, {"criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc_ie_control_utility:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC15323-7468-4688-A9C2-01208B4849A4", "versionEndExcluding": "1.30g"}, {"criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc_ie_field_utility:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F605A144-5A10-44C9-94DC-3B0D66E39431", "versionEndExcluding": "1.17t"}, {"criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_mneth_utility:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54DBB417-5543-4AEB-9467-6197868C8C18", "versionEndExcluding": "35m"}, {"criteria": "cpe:2.3:a:mitsubishielectric:px_developer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9987641F-1BD4-445A-86E4-778CFFFFEBD2", "versionEndExcluding": "1.53f"}, {"criteria": "cpe:2.3:a:mitsubishielectric:rt_toolbox2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A11F999D-CE97-49B6-9AF3-DD32D0E0779F", "versionEndExcluding": "3.73b"}, {"criteria": "cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B03CE992-45F6-48EA-BE86-0041F0CDBEF7", "versionEndExcluding": "1.80j"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}