Versio.io

CVE-2020-14496

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 19-05-2022 08:15
Last modified: - 07-06-2022 11:15
Total changes: - 2

Description

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
vendor=mitsubishielectric AND product=m_commdtm-hart AND versionEndExcluding=1.01b
vendor=mitsubishielectric AND product=gx_works3 AND versionEndExcluding=1.065t
vendor=mitsubishielectric AND product=gx_works2 AND versionEndExcluding=1.595v
vendor=mitsubishielectric AND product=gx_logviewer AND versionEndExcluding=1.106k
vendor=mitsubishielectric AND product=gt_softgot2000 AND versionEndExcluding=1.236w
vendor=mitsubishielectric AND product=gt_softgot1000 AND versionEndExcluding=3.245f
vendor=mitsubishielectric AND product=gt_designer3 AND versionEndExcluding=1.236w
vendor=mitsubishielectric AND product=fr_configurator2 AND versionEndExcluding=1.23z
vendor=mitsubishielectric AND product=ezsocket AND versionEndExcluding=4.6
vendor=mitsubishielectric AND product=data_transfer AND versionEndExcluding=3.41t
vendor=mitsubishielectric AND product=cw_configurator AND versionEndExcluding=1.011m
vendor=mitsubishielectric AND product=cpu_module_logging_configuration_tool AND versionEndExcluding=1.106k
vendor=mitsubishielectric AND product=rt_toolbox3 AND versionEndExcluding=1.80j
vendor=mitsubishielectric AND product=rt_toolbox2 AND versionEndExcluding=3.73b
vendor=mitsubishielectric AND product=px_developer AND versionEndExcluding=1.53f
vendor=mitsubishielectric AND product=network_interface_board_mneth_utility AND versionEndExcluding=35m
vendor=mitsubishielectric AND product=network_interface_board_cc-link_ver.2_utility AND versionEndExcluding=1.24a
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_field_utility AND versionEndExcluding=1.17t
vendor=mitsubishielectric AND product=network_interface_board_cc_ie_control_utility AND versionEndExcluding=1.30g
vendor=mitsubishielectric AND product=mx_component AND versionEndExcluding=4.20w
vendor=mitsubishielectric AND product=mt_works2 AND versionEndExcluding=1.160s
vendor=mitsubishielectric AND product=mr_configurator2 AND versionEndExcluding=1.106l
vendor=mitsubishielectric AND product=motorizer AND versionEndExcluding=1.010l
vendor=mitsubishielectric AND product=mh11_settingtool_version2 AND versionEndExcluding=2.003d
vendor=mitsubishielectric AND product=melsoft_navigator AND versionEndExcluding=2.70y
vendor=mitsubishielectric AND product=melsoft_fielddeviceconfigurator AND versionEndExcluding=1.04e
vendor=mitsubishielectric AND product=em_configurator AND versionEndExcluding=1.015r
vendor=mitsubishielectric AND product=melfa-works AND versionEndExcluding=4.4
vendor=mitsubishielectric AND product=m_commdtm-io-link AND versionEndExcluding=1.04e
 

Reference

 


Keywords

NVD

 

CVE-2020-14496

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.