Lucene search
K

7 matches found

ICS
ICS
added 2023/02/02 12:0 p.m.49 views

Mitsubishi Electric Multiple Factory Automation Products (Update D)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2...

10CVSS10AI score0.83223EPSS
Exploits7References29
ICS
ICS
added 2022/12/05 7:0 a.m.262 views

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

9.1CVSS8.7AI score0.0129EPSS
Exploits0References11
Prion
Prion
added 2022/11/25 12:15 a.m.27 views

Information disclosure

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result,...

5CVSS7.8AI score0.00802EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/11/24 11:21 p.m.101 views

CVE-2022-25164

CVE-2022-25164 is a cleartext storage vulnerability affecting Mitsubishi Electric GX Works3 (versions 1.000A–1.095Z) and MX OPC UA Module Configurator-R (1.08J and earlier). Root cause: sensitive data stored in cleartext, enabling remote, unauthenticated disclosure and potential access to MELSEC ...

8.6CVSS7.7AI score0.00802EPSS
Exploits0References3Affected Software2
ICS
ICS
added 2022/08/30 12:0 a.m.120 views

Mitsubishi Electric Multiple Factory Automation Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2...

10CVSS10AI score0.83223EPSS
Exploits7References4
Prion
Prion
added 2020/11/02 9:15 p.m.20 views

Design/Logic Flaw

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

3.3CVSS7.2AI score0.0105EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/30 3:35 a.m.27 views

CVE-2020-5657

Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Modul...

6.6AI score0.0105EPSS
Exploits0References3
Rows per page
Query Builder