Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00243.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Mitsubishi Electric C Controller Interface Module Utility unaffected
Version Status Constraints
unspecified affected ≤ Version 2.00
Mitsubishi Electric CC-Link IE Control Network Data Collector unaffected
Version Status Constraints
Version 1.00A affected
Mitsubishi Electric CC-Link IE Field Network Data Collector unaffected
Version Status Constraints
Version 1.00A affected
Mitsubishi Electric CC-Link IE TSN Data Collector unaffected
Version Status Constraints
Version 1.00A affected
Mitsubishi Electric CPU Module Logging Configuration Tool unaffected
Version Status Constraints
unspecified affected ≤ Version 1.100E
Mitsubishi Electric CW Configurator unaffected
Version Status Constraints
unspecified affected ≤ Version 1.010L
Mitsubishi Electric Data Transfer unaffected
Version Status Constraints
unspecified affected ≤ Version 3.42U
Mitsubishi Electric EZSocket unaffected
Version Status Constraints
unspecified affected ≤ Version 5.1
Mitsubishi Electric FR Configurator SW3 unaffected
Version Status Constraints
All Versions affected
Mitsubishi Electric FR Configurator2 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.26C
Mitsubishi Electric GT Designer2 Classic unaffected
Version Status Constraints
All Versions affected
Mitsubishi Electric GT Designer3 Version1 (GOT1000) unaffected
Version Status Constraints
unspecified affected ≤ Version 1.241B
Mitsubishi Electric GT Designer3 Version1 (GOT2000) unaffected
Version Status Constraints
unspecified affected ≤ Version 1.241B
Mitsubishi Electric GT SoftGOT1000 Version3 unaffected
Version Status Constraints
unspecified affected ≤ Version 3.200J
Mitsubishi Electric GT SoftGOT2000 Version1 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.241B
Mitsubishi Electric GX Developer unaffected
Version Status Constraints
unspecified affected ≤ Version 8.504A
Mitsubishi Electric GX LogViewer unaffected
Version Status Constraints
unspecified affected ≤ Version 1.100E
Mitsubishi Electric GX Works2 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.601B
Mitsubishi Electric GX Works3 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.063R
Mitsubishi Electric M_CommDTM-IO-Link unaffected
Version Status Constraints
unspecified affected ≤ Version 1.03D
Mitsubishi Electric MELFA-Works unaffected
Version Status Constraints
unspecified affected ≤ Version 4.4
Mitsubishi Electric MELSEC WinCPU Setting Utility unaffected
Version Status Constraints
All Versions affected
Mitsubishi Electric MELSOFT Complete Clean Up Tool unaffected
Version Status Constraints
unspecified affected ≤ Version 1.06G
Mitsubishi Electric MELSOFT EM Software Development Kit unaffected
Version Status Constraints
unspecified affected ≤ Version 1.015R
Mitsubishi Electric MELSOFT iQ AppPortal unaffected
Version Status Constraints
unspecified affected ≤ Version 1.17T
Mitsubishi Electric MELSOFT Navigator unaffected
Version Status Constraints
unspecified affected ≤ Version 2.74C
Mitsubishi Electric MI Configurator unaffected
Version Status Constraints
unspecified affected ≤ Version 1.004E
Mitsubishi Electric Motion Control Setting unaffected
Version Status Constraints
unspecified affected ≤ Version 1.005F
Mitsubishi Electric Motorizer unaffected
Version Status Constraints
unspecified affected ≤ Version 1.005F
Mitsubishi Electric MR Configurator2 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.125F
Mitsubishi Electric MT Works2 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.167Z
Mitsubishi Electric MTConnect Data Collector unaffected
Version Status Constraints
unspecified affected ≤ Version 1.1.4.0
Mitsubishi Electric MX Component unaffected
Version Status Constraints
unspecified affected ≤ Version 4.20W
Mitsubishi Electric MX MESInterface unaffected
Version Status Constraints
unspecified affected ≤ Version 1.21X
Mitsubishi Electric MX MESInterface-R unaffected
Version Status Constraints
unspecified affected ≤ Version 1.12N
Mitsubishi Electric MX Sheet unaffected
Version Status Constraints
unspecified affected ≤ Version 2.15R
Mitsubishi Electric Network Interface Board CC IE Control Utility unaffected
Version Status Constraints
unspecified affected ≤ Version 1.29F
Mitsubishi Electric Network Interface Board CC IE Field Utility unaffected
Version Status Constraints
unspecified affected ≤ Versions 1.16S
Mitsubishi Electric Network Interface Board CC-Link Ver.2 Utility unaffected
Version Status Constraints
unspecified affected ≤ Version 1.23Z
Mitsubishi Electric Network Interface Board MNETH Utility unaffected
Version Status Constraints
unspecified affected ≤ Version 34L
Mitsubishi Electric Position Board utility 2 unaffected
Version Status Constraints
unspecified affected ≤ Version 3.20
Mitsubishi Electric PX Developer unaffected
Version Status Constraints
unspecified affected ≤ Version 1.53F
Mitsubishi Electric RT ToolBox2 unaffected
Version Status Constraints
unspecified affected ≤ Version 3.73B
Mitsubishi Electric RT ToolBox3 unaffected
Version Status Constraints
unspecified affected ≤ Version 1.82L
Mitsubishi Electric Setting/Monitoring tools for the C Controller module unaffected
Version Status Constraints
unspecified affected ≤ SW3PVC-CCPU Version 3.13P
unspecified affected ≤ SW4PVC-CCPU Version 4.12N
Mitsubishi Electric SLMP Data Collector unaffected
Version Status Constraints
unspecified affected ≤ Version 1.04E

Configuration 1 [-]

OR cpe:2.3:a:mitsubishielectric:c_controller_interface_module_utility:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:c_controller_module_setting_and_monitoring_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_control_network_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_field_network_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_tsn_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_designer2_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:m_commdtm-io-link:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melfa-works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsec_wincpu_setting_utility:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_complete_clean_up_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_em_software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:motion_control_setting:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:motorizer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mtconnect_data_collector:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_mesinterface:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_mesinterface-r:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_sheet:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:position_board_utility_2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:setting\/monitoring_tools_for_the_c_controller_module:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:slmp_data_collector:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:mitsubishielectric:gt_designer3:*:*:*:*:*:*:*:*
OR cpe:2.3:h:mitsubishielectric:got1000_series_gt10:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt11:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt12:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt14:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt15:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt16:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt21:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt23:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt25:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt27:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc-link_ver.2_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc-link_ver.2_utility:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc_ie_control_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc_ie_control_utility:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc_ie_field_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc_ie_field_utility:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_mneth_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_mneth_utility:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Mitsubishielectric Subscribe
C Controller Interface Module Utility Subscribe
C Controller Module Setting And Monitoring Tool Subscribe
Cc-link Ie Control Network Data Collector Subscribe
Cc-link Ie Field Network Data Collector Subscribe
Cc-link Ie Tsn Data Collector Subscribe
Cpu Module Logging Configuration Tool Subscribe
Cw Configurator Subscribe
Data Transfer Subscribe
Ezsocket Subscribe
Fr Configurator2 Subscribe
Fr Configurator Sw3 Subscribe
Got1000 Series Gt10 Subscribe
Got1000 Series Gt11 Subscribe
Got1000 Series Gt12 Subscribe
Got1000 Series Gt14 Subscribe
Got1000 Series Gt15 Subscribe
Got1000 Series Gt16 Subscribe
Got1000 Series Gt21 Subscribe
Got1000 Series Gt23 Subscribe
Got1000 Series Gt25 Subscribe
Got1000 Series Gt27 Subscribe
Gt Designer2 Classic Subscribe
Gt Designer3 Subscribe
Gt Softgot1000 Subscribe
Gt Softgot2000 Subscribe
Gx Developer Subscribe
Gx Logviewer Subscribe
Gx Works2 Subscribe
Gx Works3 Subscribe
M Commdtm-io-link Subscribe
Melfa-works Subscribe
Melsec Wincpu Setting Utility Subscribe
Melsoft Complete Clean Up Tool Subscribe
Melsoft Em Software Development Kit Subscribe
Melsoft Iq Appportal Subscribe
Melsoft Navigator Subscribe
Mi Configurator Subscribe
Motion Control Setting Subscribe
Motorizer Subscribe
Mr Configurator2 Subscribe
Mt Works2 Subscribe
Mtconnect Data Collector Subscribe
Mx Component Subscribe
Mx Mesinterface Subscribe
Mx Mesinterface-r Subscribe
Mx Sheet Subscribe
Network Interface Board Cc-link Ver.2 Utility Subscribe
Network Interface Board Cc-link Ver.2 Utility Firmware Subscribe
Network Interface Board Cc Ie Control Utility Subscribe
Network Interface Board Cc Ie Control Utility Firmware Subscribe
Network Interface Board Cc Ie Field Utility Subscribe
Network Interface Board Cc Ie Field Utility Firmware Subscribe
Network Interface Board Mneth Utility Subscribe
Network Interface Board Mneth Utility Firmware Subscribe
Position Board Utility 2 Subscribe
Px Developer Subscribe
Rt Toolbox2 Subscribe
Rt Toolbox3 Subscribe
Setting\/monitoring Tools For The C Controller Module Subscribe
Slmp Data Collector Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2020-6657 Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-04 cve-icon cve-icon
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-007_en.pdf cve-icon cve-icon
History

Wed, 16 Apr 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 17 Sep 2024 00:00:00 +0000

Type Values Removed Values Added
Description Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition. Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-04-16T18:01:31.445Z

Reserved: 2020-06-19T00:00:00.000Z

Link: CVE-2020-14521

cve-icon Vulnrichment

Updated: 2024-08-04T12:46:34.835Z

cve-icon NVD

Status : Modified

Published: 2022-02-11T18:15:08.513

Modified: 2024-11-21T05:03:26.950

Link: CVE-2020-14521

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses