CVE-2023-6942

🗓️ 30 Jan 2024 09:06:27Reported by MitsubishiType

CVE-2023-6942 Mitsubishi Electric Corporation EZSocket Missing Authentication Vulnerabilit

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerabilities of Mitsubishi Electric’s software products, including EZSocket, FR Configurator2, GT Designer3 Version1(GOT1000), GT Designer3 Version1(GOT2000), GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, and MX OPC Server DA/UA (software included with MC Works64), are related to the absence of authentication for critical functions. This allows attackers to gain unauthorized access to confidential information.	6 Feb 202400:00	–	bdu_fstec
Circl	CVE-2023-6942	30 Jan 202410:31	–	circl
CNNVD	Mitsubishi Electric Various Products Access Control Error Vulnerability	30 Jan 202400:00	–	cnnvd
CVE	CVE-2023-6942	30 Jan 202409:06	–	cve
EUVD	EUVD-2023-59139	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric FA Engineering Software Products (Update D)	30 Jan 202407:00	–	ics
NVD	CVE-2023-6942	30 Jan 202409:15	–	nvd
Prion	Authentication flaw	30 Jan 202409:15	–	prion
Positive Technologies	PT-2024-1480 · Mitsubishi · Gx Works3 +8	30 Jan 202400:00	–	ptsecurity
RedhatCVE	CVE-2023-6942	13 Feb 202509:20	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "product": "EZSocket",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "3.0 to 5.92"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GT Designer3 Version1(GOT1000)",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.325P and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GT Designer3 Version1(GOT2000)",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.320J and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GX Works2",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.11M to 1.626C"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GX Works3",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.106L and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MELSOFT Navigator",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.04E to 2.102G"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MT Works2",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.190Y and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MX Component",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "4.00A to 5.007H"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MX OPC Server DA/UA",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-030-02
jvn	www.jvn.jp/vu/JVNVU95103362
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf

19 Sep 2025 02:12Current

7.9High risk

Vulners AI Score7.9

CVSS 3.17.5

EPSS0.00444

CWE-306