Mitsubishielectric Genesis64
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Mitsubishielectric Genesis64.
By the Year
In 2026 there have been 0 vulnerabilities in Mitsubishielectric Genesis64. Last year, in 2025 Genesis64 had 2 security vulnerabilities published. Right now, Genesis64 is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 7.35 |
| 2024 | 14 | 6.59 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.90 |
It may take a day or so for new Genesis64 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Mitsubishielectric Genesis64 Security Vulnerabilities
OS Command Injection in Mitsubishi Electric GENESIS64 10.97.2 CFR3
CVE-2025-11774
8.2 - High
- December 19, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.2 CFR3 and prior, Mitsubishi Electric MobileHMI versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.2 CFR3 and prior, and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute arbitrary executable files (EXE) when a legitimate user uses the keypad function by tampering with the configuration file for the function. This could allow the attacker to disclose, tamper with, delete, or destroy information stored on the PC where the affected product is installed, or cause a denial-of-service (DoS) condition on the system, through the execution of the EXE.
Shell injection
Mitsubishi GENESIS64/MC Works64: Unnecessary Privileges Local Write DoS (All V)
CVE-2025-0921
6.5 - Medium
- May 15, 2025
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS version 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions BizViz all versions allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Execution with Unnecessary Privileges
Uncontrolled SP Element in GENESIS64 allows DLL hijack for code exec
CVE-2024-9852
7.8 - High
- November 28, 2024
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS32 all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
DLL preloading
Dead Code DLL Tamper RCE in GENESIS64 10.97.3 (ICONICS/Mitsubishi)
CVE-2024-8300
7 - High
- November 28, 2024
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Dead Code
Privilege Escalation in Jungo WinDriver 6.0.0-16.1.0
CVE-2024-26314
7.8 - High
- July 02, 2024
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
Jungo WinDriver <12.5.1 DoS Causing Windows BS
CVE-2024-22105
5.5 - Medium
- July 02, 2024
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error.
Jungo WinDriver <12.5.1 Improper Privilege Management Exploitable Locally
CVE-2024-22106
7.8 - High
- July 02, 2024
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).
Jungo WinDriver <12.2 Improper Privilege Escalation (CVE-2024-25086)
CVE-2024-25086
7.8 - High
- July 02, 2024
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
Jungo WinDriver DoS causing BSOD before v12.7.0
CVE-2024-25087
5.5 - Medium
- July 02, 2024
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.
Jungo WinDriver <12.5.1 PrivEsc via Improper Priv Man
CVE-2024-25088
7.8 - High
- July 02, 2024
Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code.
Jungo WinDriver <12.5.1 OOB Write Causing BSOD & DoS
CVE-2024-22104
5.5 - Medium
- July 02, 2024
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Memory Corruption
Jungo WinDriver <12.6.0 OOB Write causing BSOD & DoS
CVE-2024-22103
5.5 - Medium
- July 02, 2024
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Memory Corruption
Jungo WinDriver <12.6.0 DoS causes Windows BSOD
CVE-2024-22102
5.5 - Medium
- July 02, 2024
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error.
Jungo WinDriver pre-12.1.0 OOB Write Enables BSoD & Local DoS
CVE-2023-51778
5.5 - Medium
- July 02, 2024
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Memory Corruption
Jungo WinDriver <12.1.0 DoS leading to BSOD
CVE-2023-51777
5.5 - Medium
- July 02, 2024
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error.
Jungo WinDriver <12.1.0 Improper Privilege Management, Local Priv Esc
CVE-2023-51776
7.8 - High
- July 02, 2024
Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.
Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior
CVE-2022-23130
5.9 - Medium
- January 21, 2022
Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32.
Buffer Over-read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Mitsubishielectric Genesis64 or by Mitsubishielectric? Click the Watch button to subscribe.
