CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-29833
https://notcve.org/view.php?id=CVE-2022-29833
24 Nov 2022 — Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could access to MELSEC safety CPU modules illgally. Vulnerabilidad de credenciales insuficientemente protegidas en Mitsubishi Electric Corporation GX Works3 versiones 1.015R y posteriores permite que un atacante remoto no autenticado revele información sensible. Como resultado, ... • https://jvn.jp/vu/JVNVU97244961 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-29832
https://notcve.org/view.php?id=CVE-2022-29832
24 Nov 2022 — Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting. Vulnerabilidad de almacenamiento de texto sin cifrar de... • https://jvn.jp/vu/JVNVU97244961 • CWE-312: Cleartext Storage of Sensitive Information CWE-316: Cleartext Storage of Sensitive Information in Memory •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-29831
https://notcve.org/view.php?id=CVE-2022-29831
24 Nov 2022 — Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules. El uso de la vulnerabilidad de contraseña codificada en Mitsubishi Electric Corporation GX Works3 desde la versión 1.015R hasta 1.095Z permite a un atacante remoto no autenticado obtener información sobre el archivo de proyecto para los módulos de CPU de seguridad MELSEC. • https://jvn.jp/vu/JVNVU97244961 • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29830
https://notcve.org/view.php?id=CVE-2022-29830
24 Nov 2022 — Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Motion Control Setting(GX Works3 related software) versions from 1.000A and later allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally. El uso de una vulnerabilidad de clave criptográfica codificada en Mitsubishi Electric GX Works3 en las versiones 1.000A hasta 1.... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29829
https://notcve.org/view.php?id=CVE-2022-29829
24 Nov 2022 — Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C and Motion Control Setting(GX Works3 related software) versions from 1.035M to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally. Uso de vulnerabilidad de clave criptográfica codificada en Mitsubishi ... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29828
https://notcve.org/view.php?id=CVE-2022-29828
24 Nov 2022 — Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally. El uso de una vulnerabilidad de clave criptográfica codificada en las versiones 1.000A y posteriores de Mitsubishi Electric GX Works3 permite que un atacante remoto no autenticado revele información sensible. Como res... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29827
https://notcve.org/view.php?id=CVE-2022-29827
24 Nov 2022 — Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally. El uso de una vulnerabilidad de clave criptográfica codificada en las versiones 1.000A y posteriores de Mitsubishi Electric GX Works3 permite que un atacante remoto no autenticado revele información sensible. Como re... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-29826
https://notcve.org/view.php?id=CVE-2022-29826
24 Nov 2022 — Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally. Vulnerabilidad de almacenamiento de texto sin cifrar de información sensible en las versiones de Mitsubishi Electric GX Works3 ... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29825
https://notcve.org/view.php?id=CVE-2022-29825
24 Nov 2022 — Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U and GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C allows an unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally. El uso de la vulnerabilidad de contraseña codificada en las versiones Mitsubishi Electric GX Works3 de 1.000A a 1.090U y GT Designer3 Versión1 (GOT2000) de 1.122C a 1.2... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-25164
https://notcve.org/view.php?id=CVE-2022-25164
24 Nov 2022 — Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers can gain unauthorized access to the MELSEC CPU module and the MELSEC OPC UA server module. Vulnerabilidad de almacenamiento de texto sin cifrar de información confidencial en Mitsubishi Electric ... • https://jvn.jp/vu/JVNVU97244961/index.html • CWE-312: Cleartext Storage of Sensitive Information •