Hyper Historian Security Vulnerabilities and Issues — Hyper Historian CVE List

IconicsHyper Historian

7 matches found

CVE•added 2022/01/21 6:17 p.m.•225 views

CVE-2022-23128

The CVE-2022-23128 entry describes an Incomplete List of Disallowed Inputs vulnerability affecting Mitsubishi Electric MC Works64 (versions 4.00A to 4.04E) and ICONICS GENESIS64, Hyper Historian, AnalytiX, and MobileHMI (versions 10.95.3 to 10.97). The root cause is a bypass of authentication via...

9.8CVSS9.6AI score0.02884EPSS

CVE•added 2022/01/21 6:17 p.m.•212 views

CVE-2022-23130

CVE-2022-23130 describes a Buffer Over-read in Mitsubishi Electric MC Works64 (v4.00A–4.04E) and related ICONICS GENESIS64/GENESIS32 products up to prior versions. The root cause is a memory allocation error in the SQL query engine that can crash the SQL Server, enabling DoS when a config file wi...

5.9CVSS5.7AI score0.01004EPSS

CVE•added 2020/07/16 9:49 p.m.•78 views

CVE-2020-12007

CVE-2020-12007 describes a deserialization vulnerability in ICONICS Genesis64/Genesis32 GenBroker components (FrameWorX server) that can enable remote code execution or a denial-of-service when processing specially crafted network packets. Affected products include GENESIS64 GenBroker64/FrameWorX...

9.8CVSS9.7AI score0.03938EPSS

CVE•added 2020/07/16 6:53 p.m.•76 views

CVE-2020-12011

CVE-2020-12011 affects ICONICS Genesis64/Genesis32 and Mitsubishi Electric MC Works64/MC Works32 families. The vulnerability is an out-of-bounds write in certain broker/server components that could be triggered by a specially crafted network packet, potentially causing denial of service or remote...

9.8CVSS9.6AI score0.29194EPSS

CVE•added 2020/07/16 9:14 p.m.•75 views

CVE-2020-12013

CVE-2020-12013 is a code-injection vulnerability affecting Mitsubishi Electric MC Works64 (4.02C and earlier) and MC Works32 (3.00A), as well as ICONICS GenBroker64/GenBroker32 components (FrameWorX/Platform Services/Workbench) up to the listed prior versions. The issue arises from a specially cr...

9.1CVSS9.5AI score0.03029EPSS

CVE•added 2020/07/16 7:39 p.m.•72 views

CVE-2020-12009

CVE-2020-12009 pertains to a deserialization vulnerability in ICONICS/Mitsubishi Electric MC Works64/MC Works32 components. A specially crafted network packet could trigger a denial-of-service condition in affected products: MC Works64 (versions up to 4.02C and prior, broker64), MC Works32 (3.00A...

7.5CVSS7.4AI score0.03596EPSS

CVE•added 2020/07/16 9:30 p.m.•63 views

CVE-2020-12015

CVE-2020-12015 is a deserialization of untrusted data vulnerability affecting Mitsubishi Electric MC Works64 (4.02C and earlier) and MC Works32 (3.00A), plus ICONICS GENESIS64/GENESIS32 components (GenBroker64/Platform Services/Workbench/FrameWorX Server v10.96 and earlier; GenBroker32 v9.5 and e...

7.5CVSS7.3AI score0.02032EPSS