CVE-2025-0921 – Information Tampering Vulnerability in Multi-agent Notification Feature of GENESIS64 and MC Works64

https://notcve.org/view.php?id=CVE-2025-0921

15 May 2025 — Execution with Unnecessary Privileges vulnerability in the Pager agent of multi-agent notification feature in Mitsubishi Electric Iconics Digital Solutions GENESIS64 prior to 10.97.3, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the a... • https://jvn.jp/vu/JVNVU93838985 • CWE-250: Execution with Unnecessary Privileges •