CRITICAL🇵🇱 Wersja polska

CVE-2023-4088

CVSS 9.3v3.1pub. 2023-09-20upd. 2024-11-21

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Mitsubishielectric Gx Works3

    APP
    Mitsubishielectric
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-6943CRITICAL9.8PL ✓ten sam produkt

Unsafe Reflection w oprogramowaniu Mitsubishi Electric — zdalne wykonanie kodu

CVE-2022-29830CRITICAL9.1ten sam produkt

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.0...

CVE-2024-22106HIGH7.8ten sam produkt

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, ...

CVE-2023-51776HIGH7.8ten sam produkt

Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges a...

CVE-2024-25086HIGH7.8ten sam produkt

Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges a...