20 matches found
EUVD-2019-2690
Malware in sbrugna...
CVE-2019-10972
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
CVE-2019-10976
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project and/or template file .frc2. Once a user opens the file, the attacker could read arbitrary files...
CVE-2023-6943
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...
Code injection
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 version...
Authentication flaw
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 versions 1.11M and later, GX Works3 all...
CVE-2023-6943
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...
CVE-2023-6942
CVE-2023-6942 is a Missing Authentication for Critical Function vulnerability affecting Mitsubishi Electric FA Engineering Software Products, including EZSocket (3.0–5.92), FR Configurator2, GT Designer3 (GOT1000 1.x up to 1.325P, GOT2000 1.x up to 1.320J), GX Works2 (1.11M+), GX Works3, MELSOFT ...
Mitsubishi Electric FA Engineering Software Products (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...
Various Mitsubishi Electric products Security breach
Mitsubishi Electric FR Configurator2 and others are products of Mitsubishi Electric, Japan.Mitsubishi Electric FR Configurator2 is an inverter drive configuration application.Mitsubishi Electric GT Designer3 is an inverter interface programming software. Mitsubishi Electric GT Designer3 is a HMI...
PT-2024-1480 · Mitsubishi · Gx Works3 +8
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric EZSocket versions 3.0 to 5.92 Mitsubishi Electric GT Designer3 Version1GOT1000 versions 1.325P and prior Mitsubishi Electric GT Designer3 Version1GOT2000 versions 1.320J and prior Mitsubishi Electric GX Works2 versions 1.1...
CVE-2019-10972
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
CVE-2019-10976
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project and/or template file .frc2. Once a user opens the file, the attacker could read arbitrary files...
Input validation
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project and/or template file .frc2. Once a user opens the file, the attacker could read arbitrary files...
Design/Logic Flaw
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
CVE-2019-10972
CVE-2019-10972 affects Mitsubishi Electric FR Configurator2 (Version 1.16S and earlier). The vulnerability arises when a rogue project file (.frc2) is opened, triggering CPU exhaustion and causing the application to stop responding until restart. Connected advisories corroborate an Uncontrolled R...
CVE-2019-10972
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
CVE-2019-10976
The CVE-2019-10976 vulnerability affects Mitsubishi Electric FR Configurator2 (versions 1.16S and prior). It arises from improper restriction/filtering of input to the XML parser when parsing .frc2 project/template files, allowing an attacker to read arbitrary files on open. ICSA/ICS guidance ind...
CVE-2019-10976
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project and/or template file .frc2. Once a user opens the file, the attacker could read arbitrary files...
Mitsubishi FR Configurator2 Resource Management Error Vulnerability
Mitsubishi FR Configurator2 is an inverter drive configuration application from Mitsubishi Electric Japan. A resource management error vulnerability exists in Mitsubishi FR Configurator2. The vulnerability stems from the mismanagement of system resources e.g., memory, disk space, files, etc. by a...