Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU93817405/index.html | Patch Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-21-350-05 | Third Party Advisory US Government Resource |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-021_en.pdf | Patch Vendor Advisory |
https://jvn.jp/vu/JVNVU93817405/index.html | Patch Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-21-350-05 | Third Party Advisory US Government Resource |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-021_en.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://jvn.jp/vu/JVNVU93817405/index.html - Patch, Third Party Advisory | |
References | () https://us-cert.cisa.gov/ics/advisories/icsa-21-350-05 - Third Party Advisory, US Government Resource | |
References | () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-021_en.pdf - Patch, Vendor Advisory |
Information
Published : 2021-12-17 17:15
Updated : 2024-11-21 05:46
NVD link : CVE-2021-20606
Mitre link : CVE-2021-20606
CVE.ORG link : CVE-2021-20606
JSON object : View
Products Affected
mitsubishielectric
- melsoft_navigator
- gx_works2
- ezsocket
CWE
CWE-125
Out-of-bounds Read