3 matches found
ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...
Cross site scripting
Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E 10.95.210.01 and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the...
CVE-2022-23127
CVE-2022-23127 is a Cross-site Scripting (CWE-79) vulnerability affecting ICONICS MobileHMI and Mitsubishi Electric MC Works64. Connected Red Hat and CVE records specify: MC Works64 versions up to 4.04E (10.95.210.01) and MobileHMI versions up to 10.96.2 are vulnerable due to improper input valid...