CVE-2023-51776

Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*

History

05 Jul 2024, 15:56

Type Values Removed Values Added
CPE cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*
cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*
References () https://jungo.com/windriver/versions/ - () https://jungo.com/windriver/versions/ - Release Notes
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 - Third Party Advisory, US Government Resource
References () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf - () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf - Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
First Time Mitsubishielectric gx Works2
Mitsubishielectric sw1dnc-ccief-b
Mitsubishielectric mi Configurator
Mitsubishielectric sw1dnc-mnetg-b
Mitsubishielectric cpu Module Logging Configuration Tool
Mitsubishielectric sw1dnd-emsdk-b Firmware
Mitsubishielectric
Mitsubishielectric sw0dnc-mneth-b Firmware
Mitsubishielectric data Transfer Classic
Mitsubishielectric mx Component
Mitsubishielectric sw1dnc-ccief-j
Mitsubishielectric iq Works
Mitsubishielectric cw Configurator
Mitsubishielectric sw1dnc-qsccf-b Firmware
Mitsubishielectric gx Developer
Mitsubishielectric mr Configurator2
Mitsubishielectric sw0dnc-mneth-b
Mitsubishielectric fr Configurator Sw3
Mitsubishielectric fr Configurator2
Mitsubishielectric gt Softgot1000
Mitsubishielectric gx Works3
Mitsubishielectric gt Got2000
Mitsubishielectric sw1dnc-ccbd2-b
Mitsubishielectric rt Toolbox3
Mitsubishielectric rt Visualbox
Mitsubishielectric sw1dnc-ccbd2-b Firmware
Mitsubishielectric data Transfer
Mitsubishielectric genesis64
Mitsubishielectric sw1dnc-ccief-j Firmware
Mitsubishielectric mr Configurator
Mitsubishielectric sw1dnc-ccief-b Firmware
Mitsubishielectric ezsocket
Mitsubishielectric sw1dnc-qsccf-b
Mitsubishielectric px Developer\/monitor Tool
Mitsubishielectric mrzjw3-mc2-utl Firmware
Mitsubishielectric gt Softgot2000
Mitsubishielectric numerical Control Device Communication
Mitsubishielectric mrzjw3-mc2-utl
Mitsubishielectric sw1dnc-mnetg-b Firmware
Mitsubishielectric mx Opc Server Da\/ua
Mitsubishielectric sw1dnd-emsdk-b
Mitsubishielectric gx Logviewer
Jungo windriver
Jungo
Mitsubishielectric gt Got1000
Summary
  • (es) La gestión inadecuada de privilegios en Jungo WinDriver anterior a 12.1.0 permite a atacantes locales escalar privilegios y ejecutar código arbitrario.
CWE NVD-CWE-noinfo

02 Jul 2024, 16:15

Type Values Removed Values Added
Summary (en) Improper privilege management in Jungo WinDriver 12.1.0 allows local attackers to escalate privileges and execute arbitrary code. (en) Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.

02 Jul 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-02 15:15

Updated : 2024-07-05 15:56


NVD link : CVE-2023-51776

Mitre link : CVE-2023-51776

CVE.ORG link : CVE-2023-51776


JSON object : View

Products Affected

mitsubishielectric

  • mx_component
  • mrzjw3-mc2-utl_firmware
  • sw1dnc-mnetg-b_firmware
  • gt_softgot1000
  • gx_works3
  • gt_softgot2000
  • mi_configurator
  • rt_toolbox3
  • sw1dnd-emsdk-b
  • mr_configurator
  • data_transfer_classic
  • sw1dnc-qsccf-b_firmware
  • sw0dnc-mneth-b
  • sw1dnc-ccief-b_firmware
  • px_developer\/monitor_tool
  • cw_configurator
  • rt_visualbox
  • ezsocket
  • gx_developer
  • sw1dnc-ccbd2-b
  • sw1dnc-qsccf-b
  • mr_configurator2
  • fr_configurator_sw3
  • data_transfer
  • iq_works
  • mx_opc_server_da\/ua
  • numerical_control_device_communication
  • fr_configurator2
  • sw0dnc-mneth-b_firmware
  • gt_got1000
  • sw1dnc-ccief-j
  • mrzjw3-mc2-utl
  • sw1dnc-ccief-b
  • sw1dnd-emsdk-b_firmware
  • gx_logviewer
  • cpu_module_logging_configuration_tool
  • sw1dnc-ccbd2-b_firmware
  • gt_got2000
  • sw1dnc-mnetg-b
  • sw1dnc-ccief-j_firmware
  • gx_works2
  • genesis64

jungo

  • windriver