CRITICAL🇬🇧 English

CVE-2020-12013

CVSS 9.1v3.1pub. 2020-07-16upd. 2024-11-21

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server v10.96 and prior; ICONICS GenBroker32 v9.5 and prior.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Iconics Bizviz

    APP
    Iconics
    wszystkie wersje
  • Iconics Energy Analytix

    APP
    Iconics
    wszystkie wersje
  • Iconics Facility Analytix

    APP
    Iconics
    wszystkie wersje
  • Iconics Genesis32

    APP
    Iconics
    wszystkie wersje
  • Iconics Genesis64

    APP
    Iconics
    wszystkie wersje
  • Iconics Hyper Historian

    APP
    Iconics
    wszystkie wersje
  • Iconics Mobilehmi

    APP
    Iconics
    wszystkie wersje
  • Iconics Quality Analytix

    APP
    Iconics
    wszystkie wersje
  • Iconics Smart Energy Analytix

    APP
    Iconics
    wszystkie wersje
  • Mitsubishielectric Mc Works32

    APP
    Mitsubishielectric
    9.50.255.02
  • Mitsubishielectric Mc Works64

    APP
    Mitsubishielectric
    ≤ 10.95.208.31
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2023-6943CRITICAL9.8PL ✓ten sam produkt

Unsafe Reflection w oprogramowaniu Mitsubishi Electric — zdalne wykonanie kodu

CVE-2022-33318CRITICAL9.8ten sam produkt

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mi...

CVE-2022-23128CRITICAL9.8ten sam produkt

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201...

CVE-2020-12011CRITICAL9.8ten sam produkt

A specially crafted communication packet sent to the affected systems could cause a denial-of-service conditio...

CVE-2020-12007CRITICAL9.8ten sam produkt

A specially crafted communication packet sent to the affected devices could allow remote code execution and a ...

CVE-2020-12013 — CRITICAL 9.1 | CVEbaza.pl