Description
Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS version 11.00, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, and Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the processes of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Published: 2025-08-06
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via unauthorized file deletion
Action: Assess Impact
AI Analysis

Impact

The vulnerability is a Windows shortcut following flaw (CWE-64). A local authenticated attacker creates a symbolic link from a file that the affected processes use as a write destination to a target file of the attacker's choosing. The write operation is then redirected to that target, so the attacker can delete or overwrite it. This can result in the loss of critical configuration or operational files, leading to a denial-of-service condition on the workstation or control system.

Affected Systems

Affected systems include Mitsubishi Electric Corporation and Mitsubishi Electric Iconics Digital Solutions products: GENESIS64 through version 10.97.3, ICONICS Suite through 10.97.3, MobileHMI through 10.97.3, Hyper Historian through 10.97.3, AnalytiX through 10.97.3, IoTWorX version 10.95, GENESIS version 11.00, and MC Works64 all versions. These same product lines are impacted under the Iconics Digital Solutions branding with identical version ranges.

Risk and Exploitability

The CVSS score of 5.9 indicates medium severity, while the EPSS score of less than 1% suggests a very low likelihood of exploitation at this time. The vulnerability is not listed in CISA KEV. Exploitation requires local authenticated access, the ability to create symbolic links, and knowledge of the file paths the application writes to. In practice, this usually limits an attacker to a privileged local user or malware executing with local rights. Because the flaw only exists in the specified Mitsubishi Electric products running on Windows, risk can be reduced by controlling local user privileges and monitoring file writes.

Generated by OpenCVE AI on April 20, 2026 at 19:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and apply any Mitsubishi Electric update that addresses the shortcut following vulnerability.
  • Restrict local write permissions on critical files and directories to prevent unauthorized deletions.
  • Enable auditing of file deletion events and monitor system logs for suspicious activity.



Advisories
Source: EUVD
ID: EUVD-2025-23786
Title: Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric MC Works64 all versions, and Mitsubishi Electric GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the processes of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.

History

Thu, 09 Apr 2026 05:45:00 +0000

Description
Values Removed: Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric MC Works64 all versions, and Mitsubishi Electric GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the processes of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Values Added: Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS version 11.00, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, and Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the processes of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.

Title
Values Removed: Information Tampering Vulnerability in multiple processes of GENESIS64, MC Works64, and GENESIS
Values Added: Information Tampering Vulnerability in Multiple Processes of GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, IoTWorX, MC Works64, and GENESIS

Thu, 07 Aug 2025 14:15:00 +0000

Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 07 Aug 2025 07:15:00 +0000

First Time appeared
Values Added:
  • Mitsubishielectric
  • Mitsubishielectric genesis
  • Mitsubishielectric genesis64
  • Mitsubishielectric mc Works64

Vendors & Products
Values Added:
  • Mitsubishielectric
  • Mitsubishielectric genesis
  • Mitsubishielectric genesis64
  • Mitsubishielectric mc Works64

Wed, 06 Aug 2025 07:00:00 +0000

Description
Values Added: Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric MC Works64 all versions, and Mitsubishi Electric GENESIS version 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the processes of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.

Title
Values Added: Information Tampering Vulnerability in multiple processes of GENESIS64, MC Works64, and GENESIS

Weaknesses
Values Added: CWE-64

References

Metrics
Values Added: cvssV3_1 {'score': 5.9, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: Mitsubishi

Published:

Updated: 2026-04-09T05:10:54.864Z

Reserved: 2025-07-09T02:02:37.759Z

Link: CVE-2025-7376

Vulnrichment

Updated: 2025-08-07T14:11:40.486Z

NVD

Status: Deferred

Published: 2025-08-06T07:15:34.100

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-7376

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T20:00:10Z

Weaknesses