Mitsubishielectric Gx Works3

Jungo WinDriver <12.5.1 DoS Causing Windows BS
CVE-2024-22105 5.5 - Medium - July 02, 2024

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error.

Jungo WinDriver <12.5.1 Improper Privilege Management Exploitable Locally
CVE-2024-22106 7.8 - High - July 02, 2024

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).

Jungo WinDriver <12.2 Improper Privilege Escalation (CVE-2024-25086)
CVE-2024-25086 7.8 - High - July 02, 2024

Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.

Jungo WinDriver DoS causing BSOD before v12.7.0
CVE-2024-25087 5.5 - Medium - July 02, 2024

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.

Jungo WinDriver <12.5.1 PrivEsc via Improper Priv Man
CVE-2024-25088 7.8 - High - July 02, 2024

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code.

Privilege Escalation in Jungo WinDriver 6.0.0-16.1.0
CVE-2024-26314 7.8 - High - July 02, 2024

Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.

Jungo WinDriver <12.1.0 DoS leading to BSOD
CVE-2023-51777 5.5 - Medium - July 02, 2024

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error.

Jungo WinDriver pre-12.1.0 OOB Write Enables BSoD & Local DoS
CVE-2023-51778 5.5 - Medium - July 02, 2024

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

Memory Corruption

Jungo WinDriver <12.6.0 DoS causes Windows BSOD
CVE-2024-22102 5.5 - Medium - July 02, 2024

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error.

Jungo WinDriver <12.6.0 OOB Write causing BSOD & DoS
CVE-2024-22103 5.5 - Medium - July 02, 2024

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

Memory Corruption

Jungo WinDriver <12.5.1 OOB Write Causing BSOD & DoS
CVE-2024-22104 5.5 - Medium - July 02, 2024

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

Memory Corruption

Jungo WinDriver <12.1.0 Improper Privilege Management, Local Priv Esc
CVE-2023-51776 7.8 - High - July 02, 2024

Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code.

Missing Auth in Mitsubishi EZSocket 3.0-5.92 & GT Designer3 v1.325P/1.320J
CVE-2023-6942 7.5 - High - January 30, 2024

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.

Missing Authentication for Critical Function

Mitsubishi EZSocket UR Vulnerability (RPC) CVE-2023-6943 3.0-5.92
CVE-2023-6943 9.8 - Critical - January 30, 2024

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.

Reflection Injection

Mitsubishi FA Software File Path Control Malicious Exec (CVE-2023-5247)
CVE-2023-5247 7.8 - High - November 30, 2023

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition.

Externally Controlled Reference to a Resource in Another Sphere

Mitsubishi FA Software Local Exec via Incorrect File Permissions
CVE-2023-4088 7.8 - High - September 20, 2023

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.

Incorrect Default Permissions

Cleartext Storage in Mitsubishi Electric GX Works3 1.095Z
CVE-2022-25164 7.5 - High - November 25, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers can gain unauthorized access to the MELSEC CPU module and the MELSEC OPC UA server module.

Cleartext Storage of Sensitive Information

Use of Hard-coded Password in Mitsubishi Electric GX Works3 <=1.090U
CVE-2022-29825 5.6 - Medium - November 25, 2022

Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C, and MT Works2 versions from 1.100E to 1.200J allows an unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.

Use of Hard-coded Password

Cleartext Storage of Sensitive Info in Mitsubishi Electric GX Works3 < 1.087R
CVE-2022-29826 7.5 - High - November 25, 2022

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.

Cleartext Storage of Sensitive Information

GX Works3 Hard-Coded Crypto Key in 1.000A+ (CVE-2022-29827)
CVE-2022-29827 7.5 - High - November 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally.

Use of Hard-coded Credentials

GX Works3 1.000A+ Hard-Coded Crypto Key Remote Disclosure
CVE-2022-29828 7.5 - High - November 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally.

Use of Hard-coded Credentials

GX Works3, GT Designer3, MT Works2 (1.000A-1.200J) Hard-coded Key Remote Disclosure
CVE-2022-29829 6.8 - Medium - November 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C, Motion Control Setting(GX Works3 related software) versions from 1.035M to 1.042U, and MT Works2 versions from 1.100E to 1.200J allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.

Use of Hard-coded Cryptographic Key

GX Works3 Hard-coded Key Remote Disclosure (v1.000A-1.095Z)
CVE-2022-29830 9.1 - Critical - November 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z, and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.065T allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally.

Use of Hard-coded Cryptographic Key

Mitsubishi Electric GX Works3 1.015R1.095Z: HardCoded Password Info Disclosure
CVE-2022-29831 7.5 - High - November 25, 2022

Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules.

Use of Hard-coded Credentials

Cleartext Sensitive Data Exposure in Mitsubishi GX Works3 1.015R+
CVE-2022-29832 6.5 - Medium - November 25, 2022

Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting.

Cleartext Storage of Sensitive Information

GX Works3 1.015R+ Insufficiently Protected Credentials Remote Disclosure
CVE-2022-29833 6.5 - Medium - November 25, 2022

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could access to MELSEC safety CPU modules illgally.

Insufficiently Protected Credentials

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could
CVE-2020-14496 9.8 - Critical - May 19, 2022

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability
CVE-2020-14521 9.8 - Critical - February 11, 2022

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Incorrect Default Permissions

Multiple Mitsubishi Electric Factory Automation products have a vulnerability
CVE-2020-14523 9.8 - Critical - February 11, 2022

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.

Directory traversal

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT SoftGOT1000 Version3 versions 3.245F and prior, GT SoftGOT2000 Version1 versions 1.250L and prior, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer versions 8.506C and prior, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer versions 1.115U and prior, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, iQ Monozukuri ANDON (Data Transfer) versions 1.003D and prior, iQ Monozukuri Process Remote Monitoring (Data Transfer) versions 1.002C and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link versions 1.03D and prior, MELFA-Works versions 4.4 and prior, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) versions 1.015R and prior, MELSOFT Navigator versions 2.74C and prior, MH11 SettingTool Version2 versions 2.004E and prior, MI Configurator versions 1.004E and prior, MT Works2 versions 1.167Z and prior, MX Component versions 5.001B and prior, Network Interface Board CC IE Control utility versions 1.29F and prior, Network Interface Board CC IE Field Utility versions 1.16S and prior, Network Interface Board CC-Link Ver.2 Utility versions 1.23Z and prior, Network Interface Board MNETH utility versions 34L and prior, PX Developer versions 1.53F and prior, RT ToolBox2 versions 3.73B and prior, RT ToolBox3 versions 1.82L and prior, Setting/monitoring tools for the C Controller module (SW4PVC-CCPU) versions 4.12N and prior, and SLMP Data Collector versions 1.04E and prior)
CVE-2021-20587 7.5 - High - February 19, 2021

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT SoftGOT1000 Version3 versions 3.245F and prior, GT SoftGOT2000 Version1 versions 1.250L and prior, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer versions 8.506C and prior, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer versions 1.115U and prior, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, iQ Monozukuri ANDON (Data Transfer) versions 1.003D and prior, iQ Monozukuri Process Remote Monitoring (Data Transfer) versions 1.002C and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link versions 1.03D and prior, MELFA-Works versions 4.4 and prior, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) versions 1.015R and prior, MELSOFT Navigator versions 2.74C and prior, MH11 SettingTool Version2 versions 2.004E and prior, MI Configurator versions 1.004E and prior, MT Works2 versions 1.167Z and prior, MX Component versions 5.001B and prior, Network Interface Board CC IE Control utility versions 1.29F and prior, Network Interface Board CC IE Field Utility versions 1.16S and prior, Network Interface Board CC-Link Ver.2 Utility versions 1.23Z and prior, Network Interface Board MNETH utility versions 34L and prior, PX Developer versions 1.53F and prior, RT ToolBox2 versions 3.73B and prior, RT ToolBox3 versions 1.82L and prior, Setting/monitoring tools for the C Controller module (SW4PVC-CCPU) versions 4.12N and prior, and SLMP Data Collector versions 1.04E and prior) allows a remote unauthenticated attacker to cause a DoS condition on the software products, and possibly to execute a malicious code on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.

Heap-based Buffer Overflow

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT SoftGOT1000 Version3 versions 3.245F and prior, GT SoftGOT2000 Version1 versions 1.250L and prior, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer versions 8.506C and prior, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer versions 1.115U and prior, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, iQ Monozukuri ANDON (Data Transfer) versions 1.003D and prior, iQ Monozukuri Process Remote Monitoring (Data Transfer) versions 1.002C and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link versions 1.03D and prior, MELFA-Works versions 4.4 and prior, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) versions 1.015R and prior, MELSOFT Navigator versions 2.74C and prior, MH11 SettingTool Version2 versions 2.004E and prior, MI Configurator versions 1.004E and prior, MT Works2 versions 1.167Z and prior, MX Component versions 5.001B and prior, Network Interface Board CC IE Control utility versions 1.29F and prior, Network Interface Board CC IE Field Utility versions 1.16S and prior, Network Interface Board CC-Link Ver.2 Utility versions 1.23Z and prior, Network Interface Board MNETH utility versions 34L and prior, PX Developer versions 1.53F and prior, RT ToolBox2 versions 3.73B and prior, RT ToolBox3 versions 1.82L and prior, Setting/monitoring tools for the C Controller module (SW4PVC-CCPU) versions 4.12N and prior, and SLMP Data Collector versions 1.04E and prior)
CVE-2021-20588 7.5 - High - February 19, 2021

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT SoftGOT1000 Version3 versions 3.245F and prior, GT SoftGOT2000 Version1 versions 1.250L and prior, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer versions 8.506C and prior, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer versions 1.115U and prior, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, iQ Monozukuri ANDON (Data Transfer) versions 1.003D and prior, iQ Monozukuri Process Remote Monitoring (Data Transfer) versions 1.002C and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link versions 1.03D and prior, MELFA-Works versions 4.4 and prior, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) versions 1.015R and prior, MELSOFT Navigator versions 2.74C and prior, MH11 SettingTool Version2 versions 2.004E and prior, MI Configurator versions 1.004E and prior, MT Works2 versions 1.167Z and prior, MX Component versions 5.001B and prior, Network Interface Board CC IE Control utility versions 1.29F and prior, Network Interface Board CC IE Field Utility versions 1.16S and prior, Network Interface Board CC-Link Ver.2 Utility versions 1.23Z and prior, Network Interface Board MNETH utility versions 34L and prior, PX Developer versions 1.53F and prior, RT ToolBox2 versions 3.73B and prior, RT ToolBox3 versions 1.82L and prior, Setting/monitoring tools for the C Controller module (SW4PVC-CCPU) versions 4.12N and prior, and SLMP Data Collector versions 1.04E and prior) allows a remote unauthenticated attacker to cause a DoS condition on the software products, and possibly to execute a malicious code on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.

length manipulation