Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU90224831/ | Third Party Advisory |
https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-03 | Patch Third Party Advisory US Government Resource |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-008_en.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
01 Mar 2022, 16:20
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mitsubishielectric iu Configuration Tool
Mitsubishielectric iu Developer2 |
|
CPE | cpe:2.3:a:mitsubishielectric:iu_configuration_tool:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:iu_developer2:*:*:*:*:*:*:*:* |
|
References | (MISC) https://jvn.jp/vu/JVNVU90224831/ - Third Party Advisory | |
References | (MISC) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-008_en.pdf - Vendor Advisory |
19 Feb 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Feb 2022, 18:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78g16_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78ghw_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78ghv_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78g4:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78g32_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78ghv:-:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78g8_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78ghw:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78g32:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78g8:-:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78g64:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78g64_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:* cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:rd78g4_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:rd78g16:-:*:*:*:*:*:*:* |
|
CWE | CWE-22 | |
First Time |
Mitsubishielectric rd78g4
Mitsubishielectric Mitsubishielectric rt Toolbox3 Mitsubishielectric gx Works2 Mitsubishielectric rd78g16 Mitsubishielectric rd78g64 Firmware Mitsubishielectric cw Configurator Mitsubishielectric rd78g32 Firmware Mitsubishielectric gx Works3 Mitsubishielectric rd78ghv Firmware Mitsubishielectric rd78g8 Firmware Mitsubishielectric melsoft Navigator Mitsubishielectric rd78g8 Mitsubishielectric rd78ghv Mitsubishielectric rd78g32 Mitsubishielectric rd78ghw Firmware Mitsubishielectric mi Configurator Mitsubishielectric rd78g16 Firmware Mitsubishielectric fr Configurator2 Mitsubishielectric melsoft Iq Appportal Mitsubishielectric mx Component Mitsubishielectric mr Configurator2 Mitsubishielectric rd78ghw Mitsubishielectric rd78g64 Mitsubishielectric mt Works2 Mitsubishielectric rd78g4 Firmware |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-03 - Patch, Third Party Advisory, US Government Resource |
11 Feb 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-11 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2020-14523
Mitre link : CVE-2020-14523
CVE.ORG link : CVE-2020-14523
JSON object : View
Products Affected
mitsubishielectric
- mr_configurator2
- rd78ghv
- melsoft_navigator
- rd78g32_firmware
- cw_configurator
- rd78g4_firmware
- iu_developer2
- iu_configuration_tool
- mt_works2
- rd78ghv_firmware
- mi_configurator
- mx_component
- melsoft_iq_appportal
- rd78g64
- rd78g4
- rd78g32
- gx_works3
- gx_works2
- rd78g16_firmware
- rd78g8_firmware
- rd78g8
- rd78ghw
- rd78g16
- rt_toolbox3
- rd78ghw_firmware
- rd78g64_firmware
- fr_configurator2
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')