Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Mitsubishielectric
  • Network Interface Board Mneth Utility Firmware
  • Melsoft Em Software Development Kit
  • Position Board Utility 2
  • Rt Toolbox2
  • Setting\/monitoring Tools For The C Controller Module
  • Gt Designer3
  • Melsoft Complete Clean Up Tool
  • Got1000 Series Gt15
  • Cc-link Ie Tsn Data Collector
  • Network Interface Board Mneth Utility
  • Got1000 Series Gt27
  • Mx Sheet
  • Cpu Module Logging Configuration Tool
  • Data Transfer
  • Mtconnect Data Collector
  • Network Interface Board Cc-link Ver.2 Utility Firmware
  • Network Interface Board Cc Ie Field Utility
  • Mx Mesinterface-r
  • Fr Configurator2
  • Mt Works2
  • Fr Configurator Sw3
  • Got1000 Series Gt10
  • Melsoft Iq Appportal
  • Got1000 Series Gt14
  • Motion Control Setting
  • Rt Toolbox3
  • Network Interface Board Cc-link Ver.2 Utility
  • C Controller Module Setting And Monitoring Tool
  • Cw Configurator
  • Gt Softgot1000
  • M Commdtm-io-link
  • Px Developer
  • Got1000 Series Gt12
  • Motorizer
  • Got1000 Series Gt25
  • Network Interface Board Cc Ie Control Utility
  • Mx Component
  • Melfa-works
  • Gx Works3
  • Mi Configurator
  • Network Interface Board Cc Ie Field Utility Firmware
  • Got1000 Series Gt21
  • Cc-link Ie Control Network Data Collector
  • C Controller Interface Module Utility
  • Got1000 Series Gt23
  • Ezsocket
  • Melsoft Navigator
  • Melsec Wincpu Setting Utility
  • Network Interface Board Cc Ie Control Utility Firmware
  • Gt Designer2 Classic
  • Cc-link Ie Field Network Data Collector
  • Mr Configurator2
  • Gx Works2
  • Slmp Data Collector
  • Gx Developer
  • Gt Softgot2000
  • Got1000 Series Gt16
  • Mx Mesinterface
  • Gx Logviewer
  • Got1000 Series Gt11

Configuration 1 [-]

OR cpe:2.3:a:mitsubishielectric:c_controller_interface_module_utility:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:c_controller_module_setting_and_monitoring_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_control_network_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_field_network_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cc-link_ie_tsn_data_collector:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_designer2_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:m_commdtm-io-link:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melfa-works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsec_wincpu_setting_utility:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_complete_clean_up_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_em_software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:motion_control_setting:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:motorizer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mtconnect_data_collector:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_mesinterface:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_mesinterface-r:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_sheet:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:position_board_utility_2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:setting\/monitoring_tools_for_the_c_controller_module:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:slmp_data_collector:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:mitsubishielectric:gt_designer3:*:*:*:*:*:*:*:*
OR cpe:2.3:h:mitsubishielectric:got1000_series_gt10:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt11:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt12:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt14:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt15:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt16:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt21:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt23:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt25:-:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got1000_series_gt27:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc-link_ver.2_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc-link_ver.2_utility:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc_ie_control_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc_ie_control_utility:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_cc_ie_field_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_cc_ie_field_utility:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:mitsubishielectric:network_interface_board_mneth_utility_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:network_interface_board_mneth_utility:-:*:*:*:*:*:*:*
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-04 Third Party Advisory US Government Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-007_en.pdf Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2020-07-30T00:00:00

Updated: 2023-03-07T21:29:25.280Z

Reserved: 2020-06-19T00:00:00

Link: CVE-2020-14521

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2022-02-11T18:15:08.513

Modified: 2023-11-07T03:17:15.377

Link: CVE-2020-14521

JSON object: View

cve-icon Redhat Information

No data.

CWE