4 matches found
Mitsubishi Electric FA Engineering Software (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...
CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs
The U.S. Cybersecurity and Infrastructure Security Agency CISA this week released an Industrial Control Systems ICS advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users ...
CVE-2022-25164
CVE-2022-25164 is a cleartext storage vulnerability affecting Mitsubishi Electric GX Works3 (versions 1.000A–1.095Z) and MX OPC UA Module Configurator-R (1.08J and earlier). Root cause: sensitive data stored in cleartext, enabling remote, unauthenticated disclosure and potential access to MELSEC ...
CVE-2022-25164
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result,...