NotCVE - vendor:"Mitsubishi Electric Corporation" product:"MC Works64"

6 results (0.022 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-9852 – Malicious Code Execution Vulnerability in GENESIS64 and MC Works64

https://notcve.org/view.php?id=CVE-2024-9852

28 Nov 2024 — Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. • https://jvn.jp/vu/JVNVU93891820 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-8299 – Malicious Code Execution Vulnerability in GENESIS64 and MC Works64

https://notcve.org/view.php?id=CVE-2024-8299

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-7587 – Information Disclosure, Information Tampering and Denial of Service (DoS) Vulnerability in GENESIS64 and MC Works64

https://notcve.org/view.php?id=CVE-2024-7587

22 Oct 2024 — Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prior and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is insta... • https://jvn.jp/vu/JVNVU95548104 • CWE-276: Incorrect Default Permissions •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-1574

https://notcve.org/view.php?id=CVE-2024-1574

04 Jul 2024 — Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in the licensing feature of ICONICS GENESIS64 versions 10.97 to 10.97.2, Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.2 and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code with administrative privileges by tampering with a specific file that is not protected by the system. El uso de entrada controlada externamente para seleccionar clases o vulnerabilidad d... • https://jvn.jp/vu/JVNVU98894016 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-1573

https://notcve.org/view.php?id=CVE-2024-1573

04 Jul 2024 — Improper Authentication vulnerability in the mobile monitoring feature of ICONICS GENESIS64 versions 10.97 to 10.97.2, Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.2 and Mitsubishi Electric MC Works64 all versions allows a remote unauthenticated attacker to bypass proper authentication and log in to the system when all of the following conditions are met: * Active Directory is used in the security setting. * “Automatic log in” option is enabled in the security setting. * The IcoAnyGlass IIS Applica... • https://jvn.jp/vu/JVNVU98894016 • CWE-287: Improper Authentication •

CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-1182

https://notcve.org/view.php?id=CVE-2024-1182

04 Jul 2024 — Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code by storing a specially crafted DLL in a specific folder when GENESIS64 and MC Works64 are installed with the Pager agent in the alarm multi-agent notification feature. Vulnerabilidad no controlada del elemento de ruta de búsqueda en ICONICS GENESIS64 todas las versiones, Mitsubishi Elec... • https://jvn.jp/vu/JVNVU98894016 • CWE-427: Uncontrolled Search Path Element •