CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2017-9638 – Mitsubishi Electric E-Designer BECMpi Driver Configuration ClockDevice Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-9638
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer, Version 7.52 Build 344, contiene seis secciones de código que podrían ser explotadas para sobrescribir la pila. Esto puede resultar en la ejecución de código arbitrario, el compromiso de la integridad de los datos, denegación de servicio (DoS) y cierre inesperado del sistema. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. • http://www.securityfocus.com/bid/100097 https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9634 – Mitsubishi Electric E-Designer Symbol xSize Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-9634
Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer, Version 7.52 Build 344, contiene dos secciones de código que podrían ser explotadas para permitir que un atacante sobrescriba ubicaciones de memoria arbitrarias. Esto puede resultar en la ejecución de código arbitrario, el compromiso de la integridad de los datos, denegación de servicio (DoS) y cierre inesperado del sistema. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. • http://www.securityfocus.com/bid/100097 https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9636 – Mitsubishi Electric E-Designer BEMatsushita Driver Configuration TCP_IP_Address Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-9636
Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer, Version 7.52 Build 344, contiene cinco secciones de código que podrían ser explotadas para sobrescribir la memoria dinámica (heap). Esto puede resultar en la ejecución de código arbitrario, el compromiso de la integridad de los datos, denegación de servicio (DoS) y cierre inesperado del sistema. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. • http://www.securityfocus.com/bid/100097 https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •