21 matches found
EUVD-2025-209294
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...
CVE-2025-14815 Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...
Mitsubishi Electric多款产品 安全漏洞
Mitsubishi Electric MC Works64 is a product of Japanese company Mitsubishi Electric. Mitsubishi Electric MC Works64 is a data acquisition and supervision system SCADA. Mitsubishi Electric GENESIS64 is a SCADA kit. Mitsubishi Electric MobileHMI is a mobile client application. Several products of...
CVE-2022-23127
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...
CVE-2025-11774
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the software keyboard function hereinafter referred to as "keypad function" of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...
CVE-2025-11774 Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the software keyboard function hereinafter referred to as "keypad function" of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...
CVE-2025-11774 Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the software keyboard function hereinafter referred to as "keypad function" of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...
EUVD-2022-28218
Malicious code in bioql PyPI...
CVE-2025-7376
Windows Shortcut Following .LNK vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions...
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...
ICONICS and Mitsubishi Electric Products
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write arbitrary files. 3. TECHNICAL...
ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...
CVE-2022-23127
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...
CVE-2022-23127
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...
CVE-2022-23128
Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...
CVE-2022-23128
Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...
Cross site scripting
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...
Authentication flaw
Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...
CVE-2022-23128
The CVE-2022-23128 entry describes an Incomplete List of Disallowed Inputs vulnerability affecting Mitsubishi Electric MC Works64 (versions 4.00A to 4.04E) and ICONICS GENESIS64, Hyper Historian, AnalytiX, and MobileHMI (versions 10.95.3 to 10.97). The root cause is a bypass of authentication via...
CVE-2022-23127
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...