CVE-2024-1182
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code by storing a specially crafted DLL in a specific folder when GENESIS64 and MC Works64 are installed with the Pager agent in the alarm multi-agent notification feature.
Vulnerabilidad no controlada del elemento de ruta de búsqueda en ICONICS GENESIS64 todas las versiones, Mitsubishi Electric GENESIS64 todas las versiones y Mitsubishi Electric MC Works64 todas las versiones permite a un atacante local ejecutar un código malicioso almacenando una DLL especialmente manipulada en una carpeta específica cuando GENESIS64 y MC Works64 están instalados con el agente buscapersonas en la función de notificación de alarma de múltiples agentes.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-02 CVE Reserved
- 2024-07-04 CVE Published
- 2024-07-05 EPSS Updated
- 2024-08-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/vu/JVNVU98894016 | Government Resource | |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03 | Government Resource |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-004_en.pdf | 2024-07-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| ICONICS Search vendor "ICONICS" | GENESIS64 Search vendor "ICONICS" for product "GENESIS64" | <= Search vendor "ICONICS" for product "GENESIS64" and version " <= " | en |
Affected
| ||||||
| Mitsubishi Electric Corporation Search vendor "Mitsubishi Electric Corporation" | GENESIS64 Search vendor "Mitsubishi Electric Corporation" for product "GENESIS64" | <= Search vendor "Mitsubishi Electric Corporation" for product "GENESIS64" and version " <= " | en |
Affected
| ||||||
| Mitsubishi Electric Corporation Search vendor "Mitsubishi Electric Corporation" | MC Works64 Search vendor "Mitsubishi Electric Corporation" for product "MC Works64" | <= Search vendor "Mitsubishi Electric Corporation" for product "MC Works64" and version " <= " | en |
Affected
| ||||||