Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5247

Published: 30/11/2023 Updated: 05/12/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Mitsubishielectric

Vulnerability Summary

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious malicious user to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition.

Vulnerable Product Search on Vulmon Subscribe to Product

mitsubishielectric melsoft navigator

mitsubishielectric gx works3

mitsubishielectric melsoft iq appportal

mitsubishielectric motion control setting

ICS Advisories

https://ics-cert.us-cert.gov/advisories/1a4f30ec37a4991f1916260adb69cc14
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-610https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-016_en.pdfhttps://jvn.jp/vu/JVNVU93383160/https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-334-04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2024-34413CVE-2024-34089CVE-2024-33408localSQLCVE-2024-0402CVE-2024-33910CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook