Genesis32 Security Vulnerabilities and Issues — Genesis32 CVE List

Lucene search

IconicsGenesis32

10 matches found

CVE•added 2020/07/16 10:15 p.m.•65 views

CVE-2020-12007

A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Ele...

9.8CVSS9.7AI score0.0217EPSS

CVE•added 2020/07/16 7:15 p.m.•63 views

CVE-2020-12011

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; MC Works32 version 3.00A (9.50.255.02); ICONICS ...

9.8CVSS9.6AI score0.10238EPSS

CVE•added 2011/05/13 5:5 p.m.•61 views

CVE-2011-2089

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: ...

9.3CVSS8.3AI score0.76007EPSS

CVE•added 2020/07/16 10:15 p.m.•61 views

CVE-2020-12013

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9.50.255.02); ICONICS GenBroke...

9.1CVSS9.5AI score0.00906EPSS

CVE•added 2020/07/16 8:15 p.m.•58 views

CVE-2020-12009

A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnerability. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9...

7.5CVSS7.4AI score0.00201EPSS

CVE•added 2020/07/16 10:15 p.m.•53 views

CVE-2020-12015

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper deserialization. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9...

7.5CVSS7.3AI score0.00201EPSS

CVE•added 2014/02/24 4:48 a.m.•38 views

CVE-2014-0758

An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document.

9.3CVSS7.4AI score0.00635EPSS

CVE•added 2012/07/31 10:45 a.m.•32 views

CVE-2012-3018

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administra...

4.4CVSS6.8AI score0.00031EPSS

CVE•added 2012/04/18 5:55 p.m.•29 views

CVE-2011-5088

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability...

9.3CVSS7.8AI score0.01724EPSS

CVE•added 2012/04/18 5:55 p.m.•28 views

CVE-2011-5089

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long password.

10CVSS8.5AI score0.03433EPSS