CVE-2022-29825
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U and GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C allows an unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.
El uso de la vulnerabilidad de contraseña codificada en las versiones Mitsubishi Electric GX Works3 de 1.000A a 1.090U y GT Designer3 Versión1 (GOT2000) de 1.122C a 1.290C permite que un atacante no autenticado revele información sensible. Como resultado, los usuarios no autenticados pueden ver programas y archivos de proyectos o ejecutar programas ilegalmente.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-04-27 CVE Reserved
- 2022-11-24 CVE Published
- 2024-06-16 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-259: Use of Hard-coded Password
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/vu/JVNVU97244961/index.html | Government Resource | |
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05 | Government Resource |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf | 2023-05-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.000a <= 1.011m Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.000a <= 1.011m" | - |
Affected
| ||||||
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.015r <= 1.086q Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.015r <= 1.086q" | - |
Affected
| ||||||
| Mitsubishielectric Search vendor "Mitsubishielectric" | Gx Works3 Search vendor "Mitsubishielectric" for product "Gx Works3" | >= 1.087r Search vendor "Mitsubishielectric" for product "Gx Works3" and version " >= 1.087r" | - |
Affected
| ||||||