CVE-2024-7587

all versions

Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for Mitsubishi Electric GENESIS64

7.8HIGH

CVE-2023-6943

all versions

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporatio

9.8CRITICAL

CVE-2023-6942

all versions

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT De

7.5HIGH

CVE-2022-33320

<= 10.95.210.01

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Ic

7.8HIGH

CVE-2022-33319

<= 10.95.210.01

Out-of-bounds Read vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital S

8.2HIGH

CVE-2022-33318

<= 10.95.210.01

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Ic

9.8CRITICAL

CVE-2022-33317

<= 10.95.210.01

Inclusion of Functionality from Untrusted Control Sphere vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1,

7.8HIGH

CVE-2022-33316

<= 10.95.210.01

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Ic

7.8HIGH

CVE-2022-33315

<= 10.95.210.01

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Ic

7.8HIGH

CVE-2022-23130

>= 10.95.201.23 and <= 10.95.210.01

Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 1

5.9MEDIUM

CVE-2022-23129

< 10.95.210.01

Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior and ICONIC

5.5MEDIUM

CVE-2022-23128

>= 10.95.201.23 and <= 10.95.210.01

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95

9.8CRITICAL

CVE-2022-23127

< 10.95.210.01

Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior and ICONICS MobileHMI

6.1MEDIUM

CVE-2021-27041

<= 4.04e

A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be

7.8HIGH

CVE-2021-27040

<= 4.04e

A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can

3.3LOW

CVE-2020-12015

all versions

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper de

7.5HIGH

CVE-2020-12013

all versions

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This aff

9.1CRITICAL

CVE-2020-12007

all versions

A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service co

9.8CRITICAL

CVE-2020-12009

all versions

A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserializ

7.5HIGH

CVE-2020-12011

all versions

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote co

9.8CRITICAL