Versio.io

CVE-2020-14521

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-02-2022 07:15
Last modified: - 10-03-2022 05:42
Total changes: - 5

Description

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=mitsubishielectric AND product=c_controller_interface_module_utility
vendor=mitsubishielectric AND product=c_controller_module_setting_and_monitoring_tool
vendor=mitsubishielectric AND product=cc-link_ie_control_network_data_collector AND version=1.00a
vendor=mitsubishielectric AND product=cc-link_ie_field_network_data_collector AND version=1.00a
vendor=mitsubishielectric AND product=cc-link_ie_tsn_data_collector AND version=1.00a
vendor=mitsubishielectric AND product=cpu_module_logging_configuration_tool AND versionEndIncluding=1.100e
vendor=mitsubishielectric AND product=cw_configurator AND versionEndIncluding=1.010l
vendor=mitsubishielectric AND product=data_transfer AND versionEndIncluding=3.42u
vendor=mitsubishielectric AND product=ezsocket AND versionEndIncluding=5.1
vendor=mitsubishielectric AND product=fr_configurator2
vendor=mitsubishielectric AND product=fr_configurator_sw3
vendor=mitsubishielectric AND product=gt_designer2_classic
vendor=mitsubishielectric AND product=gt_softgot1000 AND versionEndIncluding=3.200j AND versionStartIncluding=3.0
vendor=mitsubishielectric AND product=gt_softgot2000 AND versionEndIncluding=1.241b AND versionStartIncluding=1.0
vendor=mitsubishielectric AND product=gx_developer AND versionEndIncluding=8.504a
vendor=mitsubishielectric AND product=gx_logviewer AND versionEndIncluding=1.100e
vendor=mitsubishielectric AND product=gx_works2 AND versionEndIncluding=1.601b
vendor=mitsubishielectric AND product=gx_works3 AND versionEndIncluding=1.063r
vendor=mitsubishielectric AND product=m_commdtm-io-link
vendor=mitsubishielectric AND product=melfa-works AND versionEndIncluding=4.4
vendor=mitsubishielectric AND product=melsec_wincpu_setting_utility
vendor=mitsubishielectric AND product=melsoft_complete_clean_up_tool AND versionEndIncluding=1.06g
vendor=mitsubishielectric AND product=melsoft_em_software_development_kit
vendor=mitsubishielectric AND product=melsoft_iq_appportal AND versionEndIncluding=1.17t
vendor=mitsubishielectric AND product=melsoft_navigator AND versionEndIncluding=2.74c
vendor=mitsubishielectric AND product=mi_configurator
vendor=mitsubishielectric AND product=motion_control_setting AND versionEndIncluding=1.005f
vendor=mitsubishielectric AND product=motorizer AND versionEndIncluding=1.005f
vendor=mitsubishielectric AND product=mr_configurator2 AND versionEndIncluding=1.125f
vendor=mitsubishielectric AND product=mt_works2 AND versionEndIncluding=1.167z
vendor=mitsubishielectric AND product=mtconnect_data_collector AND versionEndIncluding=1.1.4.0
vendor=mitsubishielectric AND product=mx_component AND versionEndIncluding=4.20w
vendor=mitsubishielectric AND product=mx_mesinterface AND versionEndIncluding=1.21x
vendor=mitsubishielectric AND product=mx_mesinterface-r AND versionEndIncluding=1.12n
vendor=mitsubishielectric AND product=mx_sheet AND versionEndIncluding=2.15r
vendor=mitsubishielectric AND product=position_board_utility_2
vendor=mitsubishielectric AND product=px_developer AND versionEndIncluding=1.53f
vendor=mitsubishielectric AND product=rt_toolbox2 AND versionEndIncluding=3.73b
vendor=mitsubishielectric AND product=rt_toolbox3 AND versionEndIncluding=1.82l
vendor=mitsubishielectric AND product=setting\/monitoring_tools_for_the_c_controller_module
vendor=mitsubishielectric AND product=slmp_data_collector AND versionEndIncluding=1.04e
AND
OR
vendor=mitsubishielectric AND product=gt_designer3 AND versionEndIncluding=1.241b
OR
vendor=mitsubishielectric AND product=got1000_series_gt10 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt11 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt12 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt14 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt15 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt16 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt21 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt23 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt25 AND version=-
vendor=mitsubishielectric AND product=got1000_series_gt27 AND version=-
AND
OR
vendor=mitsubishielectric AND product=network_interface_board_cc-link_ver.2_utility_firmware
OR
vendor=mitsubishielectric AND product=network_interface_board_cc-link_ver.2_utility AND version=-
AND
OR
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_control_utility_firmware
OR
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_control_utility AND version=-
AND
OR
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_field_utility_firmware
OR
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_field_utility AND version=-
AND
OR
vendor=mitsubishielectric AND product=network_interface_board_mneth_utility_firmware
OR
vendor=mitsubishielectric AND product=network_interface_board_mneth_utility AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2020-14521

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.