CVE-2023-4088
Malicious Code Execution Vulnerability in FA Engineering Software Products
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Mitsubishi Electric Corporation · AL-PCS/WIN-EMitsubishi Electric Corporation · CPU Module Logging Configuration ToolMitsubishi Electric Corporation · Data TransferMitsubishi Electric Corporation · Data Transfer ClassicMitsubishi Electric Corporation · EZSocketMitsubishi Electric Corporation · FR Configurator2Mitsubishi Electric Corporation · FX Configurator-ENMitsubishi Electric Corporation · FX Configurator-EN-LMitsubishi Electric Corporation · FX Configurator-FPMitsubishi Electric Corporation · GT Designer3 Version1(GOT1000)Mitsubishi Electric Corporation · GT Designer3 Version1(GOT2000)Mitsubishi Electric Corporation · GT SoftGOT1000 Version3Mitsubishi Electric Corporation · GT SoftGOT2000 Version1Mitsubishi Electric Corporation · GX LogViewerMitsubishi Electric Corporation · GX Works2Mitsubishi Electric Corporation · GX Works3Mitsubishi Electric Corporation · MELSOFT FieldDeviceConfiguratorMitsubishi Electric Corporation · MELSOFT iQ AppPortalMitsubishi Electric Corporation · MELSOFT MaiLabMitsubishi Electric Corporation · MELSOFT NavigatorMitsubishi Electric Corporation · MELSOFT Update ManagerMitsubishi Electric Corporation · MX ComponentMitsubishi Electric Corporation · MX SheetMitsubishi Electric Corporation · PX DeveloperMitsubishi Electric Corporation · RT ToolBox3Mitsubishi Electric Corporation · RT VisualBoxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →