Filtered by vendor Mitsubishielectric
Subscriptions
Filtered by product Gx Works3
Subscriptions
Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-26314 | 3 Iconics, Jungo, Mitsubishielectric | 49 Genesis64, Windriver, C Controller Module Setting And Monitoring Tool and 46 more | 2024-11-21 | 7.8 High |
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. | ||||
CVE-2024-25088 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 7.8 High |
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. | ||||
CVE-2024-25087 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error. | ||||
CVE-2024-25086 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 7.8 High |
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. | ||||
CVE-2024-22106 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 8.8 High |
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). | ||||
CVE-2024-22105 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error. | ||||
CVE-2024-22104 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | ||||
CVE-2024-22103 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | ||||
CVE-2024-22102 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error. | ||||
CVE-2023-6943 | 1 Mitsubishielectric | 10 Ezsocket, Fr Configurator2, Got1000 and 7 more | 2024-11-21 | 9.8 Critical |
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products. | ||||
CVE-2023-6942 | 1 Mitsubishielectric | 10 Ezsocket, Fr Configurator2, Got1000 and 7 more | 2024-11-21 | 7.5 High |
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. | ||||
CVE-2023-5247 | 1 Mitsubishielectric | 4 Gx Works3, Melsoft Iq Appportal, Melsoft Navigator and 1 more | 2024-11-21 | 7.8 High |
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. | ||||
CVE-2023-51778 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | ||||
CVE-2023-51777 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. | ||||
CVE-2023-51776 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 7.8 High |
Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code. | ||||
CVE-2023-4088 | 1 Mitsubishielectric | 1 Gx Works3 | 2024-11-21 | 9.3 Critical |
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder. | ||||
CVE-2022-29833 | 1 Mitsubishielectric | 1 Gx Works3 | 2024-11-21 | 6.8 Medium |
Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could access to MELSEC safety CPU modules illgally. | ||||
CVE-2022-29832 | 1 Mitsubishielectric | 1 Gx Works3 | 2024-11-21 | 3.7 Low |
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting. | ||||
CVE-2022-29831 | 1 Mitsubishielectric | 1 Gx Works3 | 2024-11-21 | 7.5 High |
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules. | ||||
CVE-2022-29830 | 1 Mitsubishielectric | 1 Gx Works3 | 2024-11-21 | 9.1 Critical |
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Motion Control Setting(GX Works3 related software) versions from 1.000A and later allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally. |