38 matches found
EUVD-2020-26690
Malware in sbrugna...
EUVD-2021-8024
Malicious code in bioql PyPI...
EUVD-2021-8025
Malicious code in bioql PyPI...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on July 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-184-01 Hitachi Energy Relion 670/650 and SAM600-IO Series ICSA-25-184-02 Hitachi Energy...
Mitsubishi Electric MELSOFT Update Manager (Update B)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or cause a denial-of-service DoS condition. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk...
CVE-2021-20591
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R00/01/02CPU all versions, R04/08/16/32/120ENCPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated...
CVE-2021-20607
Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by getting a user to open...
CVE-2020-5527
When MELSOFT transmission port UDP/IP of Mitsubishi Electric MELSEC iQ-R series all versions, MELSEC iQ-F series all versions, MELSEC Q series all versions, MELSEC L series all versions, and MELSEC F series all versions receives massive amount of data via unspecified vectors, resource consumption...
CVE-2023-6942
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106...
CVE-2023-6943
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...
Code injection
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 version...
Authentication flaw
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 versions 1.11M and later, GX Works3 all...
CVE-2023-6943
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...
CVE-2023-6943
CVE-2023-6943 affects Mitsubishi Electric FA Engineering Software: EZSocket (v3.0–5.92), FR Configurator2 (all), GT Designer3 GOT1000 (all up to 1.325P), GT Designer3 GOT2000 (up to 1.320J), GX Works2 (1.11M+), GX Works3 (all), MELSOFT Navigator (1.04E–2.102G), MT Works2 (all), MX Component (4.00...
CVE-2023-6942
CVE-2023-6942 is a Missing Authentication for Critical Function vulnerability affecting Mitsubishi Electric FA Engineering Software Products, including EZSocket (3.0–5.92), FR Configurator2, GT Designer3 (GOT1000 1.x up to 1.325P, GOT2000 1.x up to 1.320J), GX Works2 (1.11M+), GX Works3, MELSOFT ...
Mitsubishi Electric FA Engineering Software Products (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...
Various Mitsubishi Electric products Security breach
Mitsubishi Electric FR Configurator2 and others are products of Mitsubishi Electric, Japan.Mitsubishi Electric FR Configurator2 is an inverter drive configuration application.Mitsubishi Electric GT Designer3 is an inverter interface programming software. Mitsubishi Electric GT Designer3 is a HMI...
PT-2024-1401 · Mitsubishi · Mx +8
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92 GT Designer3 Version1GOT1000 versions 1.325P and prior GT Designer3 Version1GOT2000 versions 1.320J and prior GX Works2 versions 1.11M and later GX Works3 versions 1.106L and prior...
PT-2024-1480 · Mitsubishi · Gx Works3 +8
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric EZSocket versions 3.0 to 5.92 Mitsubishi Electric GT Designer3 Version1GOT1000 versions 1.325P and prior Mitsubishi Electric GT Designer3 Version1GOT2000 versions 1.320J and prior Mitsubishi Electric GX Works2 versions 1.1...
The software for Mitsubishi Electric GX Works3 programming is vulnerable. The software includes control tools for applications in industrial automation systems, namely MELSOFT iQ AppPortal, MELSOFT Navigator, and Motion Control Setting. This vulnerability allows a malicious individual to execute arbitrary code, disclose protected information, and trigger service failures.
The vulnerabilities of the software for programming Mitsubishi Electric GX Works3, as well as the software tools for managing applications in industrial automation systems such as MELSOFT iQ AppPortal, MELSOFT Navigator, and Motion Control Setting, are related to external control mechanisms...