Vulnerabilities > Mitsubishielectric > Melsoft Navigator > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2023-6942 | Unspecified vulnerability in Mitsubishielectric products Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally. | 7.5 |
| 2023-11-30 | CVE-2023-5247 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mitsubishielectric products Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. | 7.8 |
| 2020-06-30 | CVE-2020-5603 | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. | 7.5 |
| 2020-06-30 | CVE-2020-5602 | XXE vulnerability in Mitsubishielectric products Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. | 7.5 |