CVE-2023-6943

🗓️ 30 Jan 2024 09:09:29Reported by MitsubishiType

Unauthenticated remote code execution in Mitsubishi Electric product

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerabilities of Mitsubishi Electric’s software products, including EZSocket, FR Configurator2, GT Designer3 Version1(GOT1000), GT Designer3 Version1(GOT2000), GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, and MX OPC Server DA/UA (software included with MC Works64), are related to the use of external control inputs for class selection. This allows a malicious individual to execute arbitrary code.	31 Jan 202400:00	–	bdu_fstec
Circl	CVE-2023-6943	30 Jan 202410:31	–	circl
CNNVD	Various Mitsubishi Electric products Security breach	30 Jan 202400:00	–	cnnvd
CVE	CVE-2023-6943	30 Jan 202409:09	–	cve
EUVD	EUVD-2023-59140	3 Oct 202520:07	–	euvd
ICS	Mitsubishi Electric FA Engineering Software Products (Update D)	30 Jan 202407:00	–	ics
NVD	CVE-2023-6943	30 Jan 202409:15	–	nvd
OSV	CVE-2023-6943	30 Jan 202409:15	–	osv
Prion	Code injection	30 Jan 202409:15	–	prion
Positive Technologies	PT-2024-1401 · Mitsubishi · Mx +8	30 Jan 202400:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "EZSocket",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "3.0 to 5.92"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GT Designer3 Version1(GOT1000)",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.325P and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GT Designer3 Version1(GOT2000)",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.320J and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GX Works2",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.11M to 1.626C"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GX Works3",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.106L and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MELSOFT Navigator",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.04E to 2.102G"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MT Works2",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "1.190Y and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MX Component",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "4.00A to 5.007H"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MX OPC Server DA/UA",
    "vendor": "Mitsubishi Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-030-02
jvn	www.jvn.jp/vu/JVNVU95103362
mitsubishielectric	www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf

19 Sep 2025 02:13Current

9.9High risk

Vulners AI Score9.9

CVSS 3.19.8

EPSS0.0397

CWE-470