Vulnerabilities > CVE-2020-14496 - Unspecified vulnerability in Mitsubishielectric products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

mitsubishielectric

NVD

Published: 2022-05-19

Updated: 2022-06-07

Summary

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.

Vulnerable Configurations

Part	Description	Count
Application	Mitsubishielectric Mitsubishielectric M Commdtm Hart - Mitsubishielectric GX Works3 - Mitsubishielectric GX Works3 1.060N Mitsubishielectric GX Works3 1.063R Mitsubishielectric GX Works2 - Mitsubishielectric GX Works2 1.590Q Mitsubishielectric GX Works2 1.595V Mitsubishielectric GX Logviewer - Mitsubishielectric GX Logviewer 1.100E Mitsubishielectric GT Softgot2000 - Mitsubishielectric GT Softgot2000 1.0 Mitsubishielectric GT Softgot2000 1.170C Mitsubishielectric GT Softgot1000 - Mitsubishielectric GT Softgot1000 3.0 Mitsubishielectric GT Softgot1000 3.200J Mitsubishielectric GT Designer3 - Mitsubishielectric GT Designer3 1.221F Mitsubishielectric FR Configurator2 - Mitsubishielectric FR Configurator2 1.22Y Mitsubishielectric Ezsocket - Mitsubishielectric Data Transfer - Mitsubishielectric CW Configurator - Mitsubishielectric CW Configurator 1.010L Mitsubishielectric CPU Module Logging Configuration Tool - Mitsubishielectric CPU Module Logging Configuration Tool 1.94Y Mitsubishielectric CPU Module Logging Configuration Tool 1.100E Mitsubishielectric RT Toolbox3 - Mitsubishielectric RT Toolbox3 1.60N Mitsubishielectric RT Toolbox3 1.70Y Mitsubishielectric RT Toolbox2 - Mitsubishielectric PX Developer - Mitsubishielectric Network Interface Board Mneth Utility - Mitsubishielectric Network Interface Board CC Link Ver.2 Utility - Mitsubishielectric Network Interface Board CC IE Field Utility - Mitsubishielectric Network Interface Board CC IE Control Utility - Mitsubishielectric MX Component - Mitsubishielectric MT Works2 - Mitsubishielectric MT Works2 1.156N Mitsubishielectric MT Works2 1.160S Mitsubishielectric MR Configurator2 - Mitsubishielectric MR Configurator2 1.100E Mitsubishielectric Motorizer - Mitsubishielectric Motorizer 1.005F Mitsubishielectric Mh11 Settingtool Version2 - Mitsubishielectric Melsoft Navigator - Mitsubishielectric Melsoft Navigator 2.62Q Mitsubishielectric Melsoft Fielddeviceconfigurator - Mitsubishielectric Melsoft Fielddeviceconfigurator 1.04E Mitsubishielectric EM Configurator - Mitsubishielectric EM Configurator 1.010L Mitsubishielectric Melfa Works - Mitsubishielectric M Commdtm IO Link - Mitsubishielectric M Commdtm IO Link 1.03D	53

References

https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-02