Описание
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z, and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.065T allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally.
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- MitigationVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthorized users may obtain information about project files illegally.
Уязвимость механизма разграничения доступа программного обеспечения для программирования ПЛК Mitsubishi Electric GX Works3, позволяющая нарушителю выполнить произвольный код
EPSS
9.1 Critical
CVSS3