CVE-2024-8300 – Malicious Code Execution Vulnerability in GENESIS64
https://notcve.org/view.php?id=CVE-2024-8300
Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 and Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. • https://jvn.jp/vu/JVNVU93891820 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-010_en.pdf • CWE-561: Dead Code •
CVE-2022-40264 – ICONICS GENESIS64 PKGX File Parsing Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-40264
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker. Vulnerabilidad de limitación inadecuada de un nombre de ruta a un directorio restringido ("Path Traversal") en ICONICS/Mitsubishi Electric GENESIS64 versiones 10.96 a 10.97.2 permite a un atacante no autenticado crear, manipular o destruir archivos arbitrarios haciendo que un usuario legítimo importe un paquete de proyecto archivo creado por el atacante. The vulnerablity allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PKGX files. When parsing the Name element, the process does not properly validate a user-supplied path prior to using it in file operations. • https://iconics.com/About/Security/CERT https://jvn.jp/vu/JVNVU95858406/index.html https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-01 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-33319 – ICONICS GENESIS64 GenBroker64 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-33319
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64 server. Una vulnerabilidad de lectura fuera de los límites en las versiones 10.97.1 y anteriores de ICONICS GENESIS64 y en las versiones 4.04E (10.95.210.01) y anteriores de Mitsubishi Electric MC Works64 permite a un atacante remoto no autenticado divulgar información en la memoria o causar una condición de denegación de servicio (DoS) mediante el envío de paquetes especialmente diseñados al servidor GENESIS64 This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64 GenBroker64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GenBroker64 service, which listens on TCP port 38080 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to disclose information in the context of the current process or to create a denial-of-service condition on the system. • https://jvn.jp/vu/JVNVU96480474/index.html https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf • CWE-125: Out-of-bounds Read •
CVE-2022-33318 – ICONICS GENESIS64 genbroker64 Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-33318
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server. Una vulnerabilidad de Deserialización de Datos No Confiables en ICONICS GENESIS64 versiones 10.97.1 y anteriores y Mitsubishi Electric MC Works64 versiones 4.04E (10.95.210.01) y anteriores permite a un atacante remoto no autenticado ejecutar un código malicioso arbitrario mediante el envío de paquetes especialmente diseñados al servidor GENESIS64 This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GenBroker64 service. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the Administrator. • https://jvn.jp/vu/JVNVU96480474/index.html https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf • CWE-502: Deserialization of Untrusted Data •
CVE-2022-33320 – ICONICS GENESIS64 PKGX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-33320
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes. Una vulnerabilidad de Deserialización de Datos No Confiables en ICONICS GENESIS64 versiones 10.97.1 y anteriores y Mitsubishi Electric MC Works64 versiones 4.04E (10.95.210.01) y anteriores permite a un atacante no autenticado ejecutar un código malicioso arbitrario al conllevar a un usuario a cargar un archivo de configuración de proyecto que incluye códigos XML maliciosos This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PKGX files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://jvn.jp/vu/JVNVU96480474/index.html https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf • CWE-502: Deserialization of Untrusted Data •