CVE-2020-14523

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iu_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iu_developer2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78g4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78g4:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78g8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78g8:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78g16_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78g16:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78g32_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78g32:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78g64_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78g64:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78ghv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78ghv:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:rd78ghw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:rd78ghw:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-02-11 18:15

Updated : 2024-02-28 19:09


NVD link : CVE-2020-14523

Mitre link : CVE-2020-14523

CVE.ORG link : CVE-2020-14523


JSON object : View

Products Affected

mitsubishielectric

  • gx_works2
  • iu_developer2
  • rd78g64
  • rd78g4_firmware
  • rd78g16
  • rd78ghw
  • gx_works3
  • rd78g32_firmware
  • melsoft_iq_appportal
  • mr_configurator2
  • rd78g32
  • rd78ghw_firmware
  • melsoft_navigator
  • iu_configuration_tool
  • fr_configurator2
  • cw_configurator
  • rd78g16_firmware
  • mx_component
  • mi_configurator
  • rd78g8_firmware
  • rd78g4
  • rt_toolbox3
  • rd78g8
  • rd78ghv_firmware
  • rd78ghv
  • mt_works2
  • rd78g64_firmware
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')