CVE-2025-14815

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

EUVD-2025-209294

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

CVE-2025-14815 Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

Mitsubishi Electric多款产品 安全漏洞

Mitsubishi Electric GENESIS64 and other products are developed by Mitsubishi Electric Corporation of Japan. Mitsubishi Electric GENESIS64 is a SCADA suite. Mitsubishi Electric ICONICS Suite is a monitoring system for digital factories and intelligent buildings. Mitsubishi Electric MobileHMI is a...

PT-2026-30801

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

CVE-2025-7376

Windows Shortcut Following .LNK vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions...

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

ICONICS and Mitsubishi Electric Products

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write arbitrary files. 3. TECHNICAL...

The vulnerability of the software tools for monitoring and managing the ICONICS Suite, GENESIS64, Hyper Historian, Energy AnalytiX, and MobileHMI processes lies in the fact that passwords are stored in an unencrypted form, allowing attackers to compromise the protected information.

The vulnerability of the software tools for monitoring and managing the ICONICS Suite, GENESIS64, Hyper Historian, Energy AnalytiX, and MobileHMI processes lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a perpetrator to disclose the protected...

The vulnerabilities of the monitoring and process management software components in the ICONICS Suite, GENESIS64, Hyper Historian, Energy AnalytiX, and MobileHMI systems stem from the use of an incomplete blacklist. This allows attackers to bypass authentication procedures or gain unauthorized access to devices.

The vulnerabilities of the monitoring and process management software suites ICONICS Suite, GENESIS64, Hyper Historian, Energy AnalytiX, and MobileHMI are related to the use of an incomplete blacklist. Exploiting these vulnerabilities allows a malicious actor to bypass authentication procedures o...

ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...

CVE-2022-23128

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...

CVE-2022-23128

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...

Authentication flaw

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...

CVE-2022-23128

The CVE-2022-23128 entry describes an Incomplete List of Disallowed Inputs vulnerability affecting Mitsubishi Electric MC Works64 (versions 4.00A to 4.04E) and ICONICS GENESIS64, Hyper Historian, AnalytiX, and MobileHMI (versions 10.95.3 to 10.97). The root cause is a bypass of authentication via...