CVE-2022-29825

🗓️ 24 Nov 2022 23:21:54Reported by MitsubishiType

Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 and GT Designer

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the software for programming Mitsubishi Electric GX Works3, related to the possibility of using strictly encrypted user data, allows a intruder to gain access to protected information.	23 Mar 202300:00	–	bdu_fstec
Circl	CVE-2022-29825	30 Mar 202320:05	–	circl
CNNVD	Mitsubishi Electric GX Works3 信任管理问题漏洞	25 Nov 202200:00	–	cnnvd
CVE	CVE-2022-29825	24 Nov 202223:21	–	cve
EUVD	EUVD-2022-34143	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric FA Engineering Software (Update C)	5 Dec 202207:00	–	ics
NVD	CVE-2022-29825	25 Nov 202200:15	–	nvd
Prion	Hardcoded credentials	25 Nov 202200:15	–	prion
Positive Technologies	PT-2022-6456 · Mitsubishi · Mitsubishi Electric Gx Works3 +1	24 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-29825	23 May 202501:15	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "product": "GX Works3",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "from 1.000A to 1.090U"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GT Designer3 Version1 (GOT2000)",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "from 1.122C to 1.290C"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MT Works2",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "from 1.100E to 1.200J"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-22-333-05
jvn	www.jvn.jp/vu/JVNVU97244961/index.html
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf

07 Nov 2025 06:49Current

7.8High risk

Vulners AI Score7.8

CVSS 3.15.6

EPSS0.00457

CWE-259

mitsubishi electric gx works3 gt designer3 hard-coded password vulnerability sensitive information disclosure unauthenticated attacker