Vulnerabilities (CVE)

Filtered by vendor Mitsubishielectric Subscribe
Filtered by product Gx Works3
Total 33 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6943 1 Mitsubishielectric 10 Ezsocket, Fr Configurator2, Got1000 and 7 more 2024-11-01 N/A 9.8 CRITICAL
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.
CVE-2023-6942 1 Mitsubishielectric 10 Ezsocket, Fr Configurator2, Got1000 and 7 more 2024-11-01 N/A 7.5 HIGH
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
CVE-2024-22105 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-10-30 N/A 5.5 MEDIUM
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error.
CVE-2024-25087 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-10-30 N/A 5.5 MEDIUM
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.
CVE-2023-51777 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-10-28 N/A 5.5 MEDIUM
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error.
CVE-2020-14521 1 Mitsubishielectric 60 C Controller Interface Module Utility, C Controller Module Setting And Monitoring Tool, Cc-link Ie Control Network Data Collector and 57 more 2024-09-17 7.5 HIGH 9.8 CRITICAL
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.
CVE-2024-25088 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-08-01 N/A 7.8 HIGH
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code.
CVE-2024-25086 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-08 N/A 7.8 HIGH
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
CVE-2024-22104 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-08 N/A 5.5 MEDIUM
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
CVE-2024-26314 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 7.8 HIGH
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
CVE-2024-22106 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 7.8 HIGH
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).
CVE-2024-22103 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 5.5 MEDIUM
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
CVE-2024-22102 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 5.5 MEDIUM
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error.
CVE-2023-51778 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 5.5 MEDIUM
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
CVE-2023-51776 2 Jungo, Mitsubishielectric 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more 2024-07-05 N/A 7.8 HIGH
Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.
CVE-2023-4088 1 Mitsubishielectric 1 Gx Works3 2024-07-04 N/A 7.8 HIGH
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.
CVE-2023-5247 1 Mitsubishielectric 4 Gx Works3, Melsoft Iq Appportal, Melsoft Navigator and 1 more 2024-02-28 N/A 7.8 HIGH
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition.
CVE-2022-29828 1 Mitsubishielectric 1 Gx Works3 2024-02-28 N/A 7.5 HIGH
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally.
CVE-2022-29826 1 Mitsubishielectric 1 Gx Works3 2024-02-28 N/A 7.5 HIGH
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.
CVE-2022-29832 1 Mitsubishielectric 1 Gx Works3 2024-02-28 N/A 6.5 MEDIUM
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting.