Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6943 | 1 Mitsubishielectric | 10 Ezsocket, Fr Configurator2, Got1000 and 7 more | 2024-11-01 | N/A | 9.8 CRITICAL |
| Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products. | |||||
| CVE-2023-6942 | 1 Mitsubishielectric | 10 Ezsocket, Fr Configurator2, Got1000 and 7 more | 2024-11-01 | N/A | 7.5 HIGH |
| Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. | |||||
| CVE-2024-22105 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-10-30 | N/A | 5.5 MEDIUM |
| Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error. | |||||
| CVE-2024-25087 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-10-30 | N/A | 5.5 MEDIUM |
| Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error. | |||||
| CVE-2023-51777 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-10-28 | N/A | 5.5 MEDIUM |
| Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. | |||||
| CVE-2020-14521 | 1 Mitsubishielectric | 60 C Controller Interface Module Utility, C Controller Module Setting And Monitoring Tool, Cc-link Ie Control Network Data Collector and 57 more | 2024-09-17 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition. | |||||
| CVE-2024-25088 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-08-01 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. | |||||
| CVE-2024-25086 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-08 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. | |||||
| CVE-2024-22104 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-08 | N/A | 5.5 MEDIUM |
| Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | |||||
| CVE-2024-26314 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. | |||||
| CVE-2024-22106 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). | |||||
| CVE-2024-22103 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 5.5 MEDIUM |
| Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | |||||
| CVE-2024-22102 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 5.5 MEDIUM |
| Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error. | |||||
| CVE-2023-51778 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 5.5 MEDIUM |
| Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | |||||
| CVE-2023-51776 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-07-05 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code. | |||||
| CVE-2023-5275 | 1 Mitsubishielectric | 1 Gx Works2 | 2024-02-28 | N/A | 4.7 MEDIUM |
| Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running. | |||||
| CVE-2023-5274 | 1 Mitsubishielectric | 1 Gx Works2 | 2024-02-28 | N/A | 4.7 MEDIUM |
| Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running. | |||||
| CVE-2020-14523 | 1 Mitsubishielectric | 27 Cw Configurator, Fr Configurator2, Gx Works2 and 24 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. | |||||
| CVE-2020-14496 | 1 Mitsubishielectric | 29 Cpu Module Logging Configuration Tool, Cw Configurator, Data Transfer and 26 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed. | |||||
| CVE-2021-20606 | 1 Mitsubishielectric | 3 Ezsocket, Gx Works2, Melsoft Navigator | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker. | |||||