8 matches found
CVE-2020-12007
CVE-2020-12007 describes a deserialization vulnerability in ICONICS Genesis64/Genesis32 GenBroker components (FrameWorX server) that can enable remote code execution or a denial-of-service when processing specially crafted network packets. Affected products include GENESIS64 GenBroker64/FrameWorX...
CVE-2020-12013
A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C 10.95.208.31 and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A 9.50.255.02; ICONICS GenBroker6...
Deserialization of untrusted data
A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnerability. This affects: Mitsubishi Electric MC Works64 Version 4.02C 10.95.208.31 and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A...
CVE-2020-12009
A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnerability. This affects: Mitsubishi Electric MC Works64 Version 4.02C 10.95.208.31 and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A...
CVE-2020-12011
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C 10.95.208.31 and earlier, all versions; MC Works32 version 3.00A 9.50.255.02; ICONICS...
Mitsubishi Electric MC Works64 and MC Works32 Code Issue Vulnerability (CNVD-2020-34371)
The Mitsubishi Electric MC Works64 and MC Works32 are both data acquisition and monitoring SCADA systems from Mitsubishi Electric Japan. A code issue vulnerability exists in Mitsubishi Electric MC Works64 version 4.02C 10.95.208.31 and earlier and MC Works32 version 3.00A 9.50.255.02, which can b...
Mitsubishi Electric MC Works64 and MC Works32 Code Injection Vulnerability
The Mitsubishi Electric MC Works64 and MC Works32 are both data acquisition and monitoring systems SCADA from Mitsubishi Electric Japan. A code injection vulnerability exists in Mitsubishi Electric MC Works64 version 4.02C 10.95.208.31 and earlier versions, and MC Works32 version 3.00A 9.50.255.0...
Mitsubishi Electric MC Works64, MC Works32
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MC Works64, MC Works32 Vulnerabilities: Out-of-bounds Write, Deserialization of Untrusted Data, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...