Page 3 of 25 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 0

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. Vulnerabilidad de denegación de servicio (DoS) en Jungo WinDriver anterior a 12.1.0 permite a atacantes locales provocar un error de pantalla azul de Windows. • https://jungo.com/windriver/versions https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products. Vulnerabilidad de uso de entrada controlada externamente para seleccionar clases o código ("Reflexión insegura") en Mitsubishi Electric Corporation EZSocket versiones 3.0 y posteriores, FR Configurator2 todas las versiones, GT Designer3 Versión1(GOT1000) todas las versiones, GT Designer3 Versión1(GOT2000) todas las versiones , GX Works2 versiones 1.11M y posteriores, GX Works3 todas las versiones, MELSOFT Navigator versiones 1.04E y posteriores, MT Works2 todas las versiones, MX Component versiones 4.00A y posteriores y MX OPC Server DA/UA todas las versiones permiten que un atacante remoto no autenticado ejecute un código malicioso por RPC con una ruta a una librería maliciosa mientras está conectado a los productos. Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products. • https://jvn.jp/vu/JVNVU95103362 https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-02 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. Autenticación faltante para vulnerabilidad de función crítica en Mitsubishi Electric Corporation EZSocket versiones 3.0 y posteriores, FR Configurator2 todas las versiones, GT Designer3 Versión1(GOT1000) todas las versiones, GT Designer3 Versión1(GOT2000) todas las versiones, GX Works2 versiones 1.11M y posteriores, GX Works3 todas versiones, MELSOFT Navigator versiones 1.04E y posteriores, MT Works2 todas las versiones, MX Component versiones 4.00A y posteriores y MX OPC Server DA/UA todas las versiones permiten a un atacante remoto no autenticado eludir la autenticación enviando paquetes especialmente manipulados y conectándose a los productos ilegalmente. Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. • https://jvn.jp/vu/JVNVU95103362 https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-02 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf • CWE-306: Missing Authentication for Critical Function •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running. Una vulnerabilidad de validación de entrada incorrecta en la función de simulación de GX Works2 permite a un atacante provocar una condición de Denegación de Servicio (DoS) en la función mediante el envío de paquetes especialmente manipulados. Sin embargo, el atacante necesitaría enviar los paquetes desde la misma maquina personal donde se ejecuta la función. • https://jvn.jp/vu/JVNVU98760962/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf • CWE-20: Improper Input Validation •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running. Una vulnerabilidad de validación de entrada incorrecta en la función de simulación de GX Works2 permite a un atacante provocar una condición de Denegación de Servicio (DoS) en la función mediante el envío de paquetes especialmente manipulados. Sin embargo, el atacante necesitaría enviar los paquetes desde la misma maquina personal donde se ejecuta la función. • https://jvn.jp/vu/JVNVU98760962/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf • CWE-20: Improper Input Validation •